Tripwire, Inc., a leading global provider of endpoint protection and response, security and compliance solutions, today announced the results of a survey of over 400 information security professionals who attended Infosecurity Europe 2016. The conference took place June 7-9, 2016, at the Olympia Conference Centre in London. According to Tripwire’s survey, ninety-three percent of information security professionals believe ransomware attacks will continue to escalate in 2016. In addition, over half (fifty-six percent) identified ransomware as one of the top three security concerns at their organizations. However, when asked if their companies could recover from a ransomware infection without losing critical data,…
ISBuzz Team
Following the news that railway network has suffered at least four major cyber attacks over the last year alone. IT security experts from Tripwire, ESET, AlienVault and NSFOCUS commented below. Tim Erlin, Director, Security and IT Risk Strategist at Tripwire: “The motivations for nation state attackers are very different from the financially motivated cyber criminals we’re used to dealing with. Nation state attackers are often better resourced, more patient, and more interested in causing material harm to life and safety than their criminal counterparts. Reconnaissance activities in critical infrastructure should be taken very seriously. We should expect that these attackers are doing their…
Following the news about attackers steal 600K records from health care firms – details how thieves exfiltrated 600,000 US patient records and offered for sale more than 3 terabytes of associated data. Here is a link to the source report “Healthcare Under Attack” from InfoArmor. Security experts from Balabit and STEALTHbits Technologies commented on this attack below. Balázs Scheidler, Co-Founder and CTO at Balabit: “With staffs increasingly on the go, remote access to internal IT services is commonplace. We access our virtual desktops, applications or even servers interactively from outside the firewall with protocols such as Microsoft Remote Desktop or Citrix ICA. “These communication channels allow…
In 2016 Nymaim malware resurfaced and is spreading via an intensive spearphising campaign utilizing malicious Microsoft Word attachments. Since the original strain of Nymaim was detected back in 2013, with its kill chain and evasion techniques, over 2.8 million infections have resulted. In the first half of 2016, ESET has again observed a marked increase in Nymaim detections. Principally affecting Poland (54% of detections), Germany (16%) and the United States (12%), the refreshed variant was detected as Win32/TrojanDownloader.Nymaim.BA, reemerging as a spearfishing campaign complete with a malicious attachment (Word.Doc) containing “trick” Marcos. Used to circumvent default Microsoft Word security settings via social…
The headlines are alarming: More than 10 million Android devices worldwide have been infected with a form of Chinese malware that not only steals and sells information from the devices, but installs more malware and clicks on ads as part of a scheme that’s earning hackers more than $300,000 per month in revenues. Known as Hummingbad, this latest malware has already infected nearly 300,000 devices in the U.S., and continues to spread. What makes this particular infection so dangerous is that with little more than a single visit to an infected website, the malware installs itself and gains root access…
Popular augmented reality game, Pokemon Go, has got international users “sideloading” it, or installing it outside of the official app store. Unfortunately for them, they may have downloaded an infected version of the app which contains a backdoor called DroidJack which allows hackers to gain access if the victim’s phone, according to Proofpoint. IT security experts commented below. Tim Erlin, Director, Security and IT Risk Strategist at Tripwire: “When it comes to malware, you really don’t want to catch ’em all. Cybercriminals are after any angle that helps them gain a foothold on your devices. A popular app that’s not available in…
Whilst the decision by the people of the United Kingdom to leave the European Union has implications for the legislative framework for privacy in the UK, these implications are unlikely to significantly affect the need for organisations to adopt the General Data Protection Regulation (GDPR). Reason 1 – The 2+ year negotiation phase… Formal negotiations for exit won’t start until after Article 50 is invoked (which gives our official “notice” to leave the EU), and this now looks to be September 2016 at the earliest. During this mandatory 2-year MINIMUM period all existing legislation (including GDPR) will continue as before.…
To minimise the possibility of a cyber-attack, Industrial Control Systems (ICS) are supposed to be run in a physically isolated environment. However this is not always the case. In its report on the ICS threats landscape, Kaspersky Lab experts revealed 13,698 ICS hosts exposed to the Internet that more than likely belong to large organisations. These organisations include energy, transportation, aerospace, oil and gas, chemicals, automotive and manufacturing, food and drink, governmental, financial and medical institutions. 91.1 per cent of these ICS hosts have vulnerabilities that can be exploited remotely. But the worse is yet to come – 3.3 per cent…
Following the news that Facebook may be developing its Messenger app to encrypt messages and allow people to set a time limit after which their messages will be deleted, David Emm, Principal Security Researcher at Kaspersky Lab provides as insight on this news. David Emm, Principal Security Researcher at Kaspersky Lab: ” The news that Facebook may be developing its Messenger app to encrypt messages and allow people to set a time limit after which their messages will be deleted may be an appealing function for many, but there are dangerous consequences that need to be considered. It could encourage people…
Researchers have discovered that a malicious app is mirroring the #1 app in the iTunes store claiming to be Pokemon Go but may actually contain a malicious remote access tool called DroidJack. In a phased release, Pokemon Go is being made available to players across the world. However many gamers want early access and have bypassed country locks to get to the new app. However, they may be propositioned by a fake Android app that once downloaded actually takes full control of the victim’s phone. Tim Erlin, Senior Director of IT Security and Risk Strategy for Tripwire commented below. Tim…