Following the news of a cyber-attack being mounted against the Australian census website, Dave Larson, Chief Operating Officer at Corero Network Security commented below. Dave Larson, Chief Operating Officer at Corero: “While the motives for this attack remain unclear, personal data is a highly valuable commodity for cybercriminals – be it for running phishing campaigns, to sell the data on the dark web or some other nefarious purpose. For this reason, accessing an online census database would be very appealing. “That said, DDoS attacks serve many different functions and are often more complex than they first seem. In addition to causing…
ISBuzz Team
Professor Avishai Wool, CTO and Co-Founder of AlgoSec, discusses how organizations’ basic network structure can help or hinder APT attacks. Advanced Persistent Threats (APTs) are among the most insidious cyberattacks faced by businesses today. We’ve all heard of the Stuxnet worm, and other high-profile attacks including the 2014 Sony Pictures Entertainment hack, described by one observer as ‘the perfect APT’, and 2015’s Carbanak attack, which specifically targets financial institutions. Will an APT affect your business? Well, ISACA’s 2015 Advanced Persistent Threat Awareness Study found that 74% of respondents believe that they will be targeted by an APT, and 28% had already been attacked. …
The systems of the Oracle MICROS payment terminals division have been infected by a malware, systems worldwide are potentially at risk. The attackers infected the troubleshooting portal of the Oracle MICROS payment terminals to steal customers’ login credentials, then use the usernames and passwords to access their accounts and gain control over their MICROS point-of-sales (POS) terminals. IT Security Experts from ESET, Lieberman Software and Imperva commented below. Mark James, Security Specialist at ESET: “Oracle’s MICROS system has been compromised by malware; this could have been a targeted attack through some means of phishing process or just a lucky random…
With the FBI currently investigating alleged Russian efforts to undermine the Democratic Party through hacking attempts, there are concerns that the U.S. presidential election may be hacked. IT security experts from Tripwire commented below. Tim Erlin, Director, Security and IT Risk Strategist at Tripwire: “It will be a tragedy if the United States finds itself unable to trust the results of a Presidential election. This is a tremendous opportunity for government and the information security community to partner around election security. It’s not a new topic for the industry, but the additional attention that a high profile election brings can help make real…
A series of vulnerabilities were found that would allow an attacker to gain full control of an Android device that is manufactured with a Qualcomm chip, known as the Quadrooter flaws. Black Duck discusses this flaw and the challenge that users face in protecting their code throughout the supply chain. Mike Pittenger, VP of Security Strategy, Black Duck commented below. Mike Pittenger, VP of Security Strategy at Black Duck: “ This illustrates the challenge organizations and individual users face in their supply chains. Each device includes code from multiple suppliers, and even when the vulnerabilities are addressed by the responsible vendor…
Security researcher Salvador Mendoza recently discovered a security flaw in Samsung Pay and discussed it during his Black Hat talk in Las Vegas. Basically Samsung Pay generates tokens each time a transaction is made. The idea is that this will mask the credit card information so that in the event it is intercepted, the details can’t be seen by the hacker. However according to Mendoza, he claims that with every token that Samsung Pay generates, the process becomes weaker and weaker till the point where if used enough times, a hacker could predict future tokens and steal them for use in another…
Security researchers have found a previously unknown hacking group, Strider, that has been carrying out cyber espionage-style attacks against selected targets in Russia, China, Sweden and Belgium. In response to this news, IT security experts from Lieberman Software and ESET commented below. Jonathan Sander, VP of Product Strategy at Lieberman Software: “In uncovering the Strider cyberespionage group, Symantec has found an excellent example of today’s real enemy – a skilled, professional attacker with sophistication and drive. The general public, misinformed by movies and TV, generally pictures the cyber bad guy as loners after quick money or thrills. Though some of…
Researchers at Forcepoint Security Labs are helping businesses fight back against a known malware actor with persistent monitoring and effective mitigation for the JavaScript-based ransomware, “NELocker”. Carl Leonard, Principal Security Analyst at Forcepoint commented below. Carl Leonard, Principal Security Analyst at Forcepoint: “A new JavaScript-based Nemucod ransomware, created by a known malicious actor, using legitimate command line utilities like 7Zip and PHP has refined its swift and stealthy approach to encrypting machines. This ransomware, dubbed NELocker by Forcepoint due to its Nemucod roots and its boilerplate style, can perform file encryption using any (“NE”) utility indiscriminately, benign or otherwise. NELocker has evolved from a…
Following Brian Krebs’ report on a data breach at Oracle’s MICROS Point-of-Sale Division, Thomas Pore, Director of IT at Plixer commented below how the attacks worked, the perils of third party risk and what what we should learn from this breach. Thomas Pore, Director of IT at Plixer: “While phishing has proven to be very effective, what if attackers didn’t need to phish all their targets—just a third party who has access to them? Third-party risk can have severe consequences. While it appears that the attackers have compromised one of the MICROS customer support portals supporting point-of-sale (PoS) systems, if the portal compromised allowed…
Following Symantec’s discovery of Strider, a previously unknown cyberesionage group, security experts commented below. Leo Taddeo, Chief Security Officer at Cryptzone: “The report issued by Symantec shows the benefits of sharing cyber threat intelligence. By linking the behavior and characteristics of the malware deployed by the Strider group to previous malware examples deployed by Flamer, cybersecurity professionals are armed with more insights into the targets and tactics of their APT adversaries. The Symantec report, however, also reveals that information sharing is not enough. The four- year-interval between the discovery of Flame and Strider, a related tool, highlights the difficulty in uncovering stealthy APT activity. “As…