It’s a well-known fact that nation states have almost unlimited cyber powers. Nation states with unlimited military resources, technical know-how and political motivation gave rise to the infamous APT (“Advanced Persistent Threat”), meaning that an adversary with enough resources and motivation has the ability to hack anyone, regardless of their security mechanisms. While both an APT campaign and a cybercriminal campaign pose significant threats, the underlying motive for the attacks greatly differ. APT campaigns are executed to collect information, to sabotage or perform other politically driven initiatives, whereas cybercriminals are often only after monetary gain. Given that APT has an almost mythical…
Author: ISBuzz Team
In a traditional work environment, most employees worked onsite, in the office. While this is still common today, many also work remotely — either on the road or from their homes. This is also true in the education industry. One of the biggest trends in higher education is completing online courses and degrees. Often, going to a physical campus to complete classes is not feasible, especially if you are an adult who is working full time and wanting to complete a degree. You need to be able to take classes on a flexible schedule and from wherever you are. This…
A phone on wheels Buoyed by today’s smart cities and the need for the world’s 1.2 billion motor vehicles to be able to navigate the world’s streets more safely, there has been a substantial rise of what is commonly referred to as the ‘connected car’. In fact, some 12 percent of all cars on the roads are predicted to be connected to the Internet by the end of the year[1]. Internet-connected cars can enhance the driver’s experience by providing driver-assistance apps, as well as information and a plethora of entertainment services. Connected cars are already one of the biggest exponents…
A dangerous, previously unknown security vulnerability has been discovered in LastPass which permits attackers to remotely compromise user accounts. LastPass is a password vault which pulls user passwords from a secure area and auto fills credentials for them. Brian Spector, CEO at MIRACL commented below. Brian Spector, CEO at MIRACL: “Password managers, like LastPass, help users manage the undue burden placed upon them by requiring complex and constantly-changing passwords. But that solution does not fix the problem since it allows all of a user’s passwords to be compromised in one place at one time. The root of password-related problems are on the infrastructure…
The general notion in the cybersecurity industry is that antivirus is an antiquated product, which does not provide enough security against today’s advanced threats. Symantec CEO even went further and declared the demise of the Anti-Virus. But recent events seem to indicate otherwise. Just a few weeks ago the antivirus maker, Avast Software, announced plans to acquire competitor AVG Technologies for $1.3 billion in cash. Surely Avast would not spend such a fortune on a dying technology… The combined company would create the world’s biggest antivirus software firm by number of active users, exceeding even Microsoft’s market share of antivirus technology…
The Payments Systems Regulator (PSR) has announced that the UK payments infrastructure will undergo a reform, in order to increase innovation, competition, and ultimately seek to better serve consumers. Alain Falys, CEO and co-founder of Yoyo Wallet, Europe’s fastest growing mobile wallet company, says that they welcome the announcement and that the changes this announcement will bring, herald the shake-up that UK payments need. Alain says: “This announcement seeks to break down the current payments status quo which has remained stagnant in this country for too long. The best case scenario is that we now see a flood of innovative…
Following the report from Proofpoint announcing their discovery and analysis of massive malvertising network AdGholas, operating since 2015 (which was pulling in as many as 1 million client machines per day), Thomas Pore Director of IT at Plixer commented below on why advertising is an ‘excellent’ method for hackers, how it worked and what users can do to avoid it. Thomas Pore, Director of IT at Plixer: “The detection and analysis of AdGholas shows how creative, resilient, and money hungry cyber criminals are. Advertising is an excellent way to get content in front of a large audience quickly and by using advertising to redirect…
The security researchers at AppRiver have identified a Netflix phishing scam, hoping to capitalise on Netflix service fee hike, currently circulating. Paul Tolbert commented below. Paul Tolbert, Email Security Specialist at AppRiver: “There’s little doubt that Netflix is a major competitor in the video streaming industry by a wide margin. It should also come as no surprise that cybercriminals view their customers as prime targets for phishing campaigns. With the recently announced Netflix service fee hike, the ever-adaptable spammers have found an opportunity to exploit the video-on-demand company. “The campaign attempts to impersonate a Netflix account verification email. The email in part alerts the target/victim to a…
CREST examination facility officially opened at the Singapore Institute of Technology London UK. In partnership with the Cyber Security Agency of Singapore (CSA) and the Association of Information Security Professionals (AISP), CREST has established a Singapore Chapter to introduce its penetration testing certifications and accreditations to Singapore. This initiative was developed in collaboration with the Monetary Authority of Singapore (MAS), the Association of Banks in Singapore (ABS) and the Infocomm Development Authority of Singapore (IDA). The CREST Singapore Chapter is the first CREST Chapter in Asia. Marking this milestone is the official opening of the CREST Examination Facility at the…
DDoS attacks have been gaining momentum over the last quarter as Nexusguard confirms in their DDoS Threat report that shows DDoS reflection attacks have soared 80% in Q2 alone. Lamar Bailey, Senior Director of Security R&D at Tripwire commented below. Lamar Bailey, Senior Director of Security R&D at Tripwire: “DDoS reflection attacks are popular because they hide the true attacker and exploit common UDP services. When an attacker uses DNS, mDNS, or NTP they can amplify their attacks by tricking the services to “respond” to spoofed addresses with large amounts of data while the attacker stays hidden and watches the…