Researchers have discovered critical security flaws in connected smart plugs which can give attackers access to a full home network — as well as your email account. Craig Young, Security Researcher at Tripwire commented below. Craig Young, Security Researcher at Tripwire: “This is entirely unsurprising to anyone who’s been paying attention to the IoT market. Often times these devices do not use authentication at all and when they do it is commonly hardcoded or generated with an insecure algorithm. Product vendors in this space may have expertise when it comes to making hardware but it seems that they lack experience…
Author: ISBuzz Team
Clothing store chain Eddie Bauer said it has detected and removed malicious software from point-of-sale systems at all of its 350+ stores in North America, and that credit and debit cards used at those stores during the first six months of 2016 may have been compromised in the breach. IT security experts from ESET, Tripwire and Guidance Software commented below. Mark James, Security Specialist at ESET: “POS malware is now so common its becoming almost the “Norm”, the bad guys have learnt that the best place to skim credit card details is from the machines that process them, with so much of…
With the rise of the Internet of Things, businesses are now exposed more than ever before to the threats of cyber attacks and online fraud. How can you ensure you minimise the risks posed by unsolicited fringe devices and keep your company protected? Jason Fry, a cybersecurity specialist and Managing Director at PAV i.t. services, investigates. When it comes to IT equipment, fringe devices aren’t always the first things on the radar when it comes to potential security breaches. However, the hazards they pose lie in both company policy and the potential for unsolicited devices to connect to your online network.…
For many businesses a merger or acquisition is highly charged. There’s often excitement about new beginnings mixed with angst that comes with any major business change – not least when it comes to IT security. During a merger and acquisition, you have two enterprises each running complex IT infrastructures with hundreds if not thousands of applications. Usually, these applications don’t just simply integrate together– rather, some perform overlapping functions and need to be altered or extended; some need to be used in parallel; while others need to be decommissioned and removed. This means amending, altering and updating firewall policies to…
Robert Capps, VP at NuData Security commented below on the growth in online shopping, and warns that consumers need to be aware of the risks associated. Robert Capps, VP at NuData Security: “While we can all agree that it’s good to see growth in the economy, lower prices and improving consumer confidence (especially following Brexit), in our business we always look at this kind of news with mixed feelings. The parasitical nature of fraud is that it follows its host. At the risk of sounding like party poopers, accompanying these growth numbers is the inevitable rise in fraud. Much of this growth…
Scott Register at Ixia looks at how the latest malware can be mutated to evade detection by conventional defences, and how businesses can counter the threat. Everything has to change and adapt to its environment in order to survive, whether it’s a plant, animal, or malicious code developed by cybercriminals. As new attack techniques are developed to breach networks and steal data, or to encrypt critical files and demand ransoms from victims, security researchers strengthen defenses and introduce new features to counter the emerging threats. For a short while, criminals may have an advantage until a security solution or feature…
According to a survey report issued by Okta, 65% of respondents think that a data breach will happen within the next 12 months if they do not upgrade legacy security solutions in time. NSFOCUS, FireMon and Lastline commented below. Richard Meeus, VP Technology EMEA at NSFOCUS IB: “Attacks will happen. It is no longer a case of if, but, when. Whether it will be a massive breach that is widely reported or a small attack that takes a business offline, the options open to attackers are manifold. Security and productivity often make strange bedfellows. Both are integral to the business but both can have negative effects…
Are you confident with your country’s cyber security? According to a recent study, geographic location is crucial to ensure data security. Apart from the country’s technological capacity, there are other things that must be promoted by the government, including pertinent legislation, and capacity building, to promote cyber security awareness. These are the factors that play a vital role to ensure that the government can offer the necessary protection against cyber attack for all its data security stakeholders including the state, its citizens and industries. However, based on Global Cybersecurity Index (GCI) by ABI Research and the International Telecommunication Union’s report,…
Clothing store chain Eddie Bauer said it has detected and removed malicious software from point-of-sale systems at all of its 350+ stores in North America, and that credit and debit cards used at those stores during the first six months of January may have been compromised in the breach. George Rice, senior director, payments at HPE Security – Data Security commented below. George Rice, Senior Director, Payments at HPE Security – Data Security: “Retail malware is typically designed to steal clear data in memory from Point of Sale (POS) applications, resulting in the loss of magstripe data, EMV card data or other sensitive data…
Hackers have been targeting Pokemon Go players via SMS, prompting them to click on a link to gain access to thousands of Pokecoins and in-game currency, in exchange for points. However, the link would instead lead players to a phishing site called Pokemonpromo.xxx. Dwayne Melancon, CTO and VP, Research and Development at Tripwire commented below. Dwayne Melancon, CTO and VP, Research and Development at Tripwire: “We’re all attracted by “get Pokemon quick” schemes, aren’t we? This kind of attack seeks to get information from you when your guard is down because you’re focused on the glory of being a Pokemon…