Experts estimate more than 10 million Android devices around the world have been infected by the Hummingbird malware, which is linked to a Chinese company. David Jevans, VP of Mobile Security, Proofpoint commented below. David Jevans, VP of Mobile Security at Proofpoint: “Android consumers cannot tell if an app is malicious or in this case, if their phone has malware; however, if you use a consumer Android anti-malware tool then you can have better odds at seeing things as they are discovered. If your phone is infected with malware that roots your device, you must wipe your phone entirely and re-install…
ISBuzz Team
In February 2016, following an alert from a partner, Kaspersky Lab’s Global Research and Analysis Team began an investigation. It quickly became clear that a threat actor, likely operating from India, was undertaking aggressive cyber-espionage activity in the Asian region, targeting multiple diplomatic and government entities with a particular focus on China and its international affairs. Having only old exploits and unremarkable tools in their arsenal, the actor also tried its luck in attacking high profile targets including some Western entities. The modus operandi of “Dropping Elephant” (also known as “Chinastrats”) could hardly be called sophisticated. The attackers rely…
With a sports packed summer upon us, including WImbledon, Euro’s and the Olympics, 2016 really is a year of sport. But as sports teams, organisations and tournaments embrace mobile, cloud and analytics, how does this open them up to cyber attacks and hackers? What do hackers want from these targets and how do they plan to achieve this? Mark Bower of HPE Security – Data Security, a provider of advanced encryption, tokenization and key management solutions, and Stephen Gates of NSFOCUS IB, a global network and application security provider, have shared their thought on this topic below. Mark Bower, Global Director at HPE Security – Data…
Following a series of breaches to remote access providers, RealVNC’s COO Adam Byrne looks at whether the wider software community can do anything more to protect users. Recent weeks have seen several major security incidents involving more than one remote access provider. The exact nature of these malicious attacks are not totally clear, but there has been some evidence to suggest that users with common passwords across multiple services may have been targeted. While the methods used have not been fully disclosed, the intent of the attacks could not be more clear: criminals were looking to compromise the personal security…
It has been discovered that ISPs around the world are receiving fake copyright infringement notices and settlement demands in hopes that ISPs will pass it on to their customers. Lamar Bailey, Senior Director of Security R&D for Tripwire commented below. Lamar Bailey, Senior Director of Security R&D at Tripwire: “Phishing attacks are become very sophisticated and timely. The attackers are using current events and trends to trick targets into installing malware or disclosing personal information that is used in follow up attacks. The attacks can be very specific to the target which makes them harder to detect. This attack adds another…
Internet service providers are reportedly being targeted by a new phishing scam related to Game of Thrones pirates. According to Torrent Freak, the fake notices are being sent to ISPs in the US, the UK and Australia with the scammers claiming to be working on behalf of right holders, including HBO. Mike Patterson, founder and CEO Plixer, has advice to avoid being fooled by these emails. Mike Patterson, Founder and CEO Plixer: “Consumers receiving emails regarding any type of odd fine or settlement should almost always be followed by a phone call to the organization. Call the telephone number on the official website and…
Following the news that European governments have approved the Privacy Shield agreement, Richard Lack, Director of Sales EMEA at Gigya commented below. For some background, Gigya works with brands such as Coca-Cola and Dell to help them establish mutually beneficial relationships with their customers and correctly store customer data. Richard Lack, director of sales, EMEA at Gigya: With the EU-US Privacy Shield now finalised and approved by European governments, privacy compliance is now a necessity for all global brands. However, research has shown that 95 per cent of large enterprises are only “somewhat aware” of their legal obligations when it comes to complying with…
Internet service providers are reportedly being targeted by a new phishing scam related to Game of Thrones pirates that is more extensive than previously thought. The fraudsters are peppering various ISPs around the world, including UK, US and Australia, with copyright infringement notices and settlement demands in hope the ISP will pass it on to its customers. Lamar Bailey, Director of Security Research and Development at Tripwire commented below. Lamar Bailey, Director of Security Research and Development at Tripwire: “Phishing attacks are become very sophisticated and timely. The attackers are using current events and trends to trick targets into installing malware or…
A group of Cisco researchers have managed to spot malicious traffic in encrypted traffic without any need to decrypt data. The discovery could pave the way for products that can secure networks while maintaining privacy. Peter Kosinar, Researcher at ESET commented below. Peter Kosinar, Researcher at ESET: “The findings in the paper are certainly interesting and could be used to improve detection rates in certain scenarios — even though the number of malware families analyzed in the paper is not very high (i.e. the overall efficiency might improve only a little). Moreover, the findings of the paper only apply to the…
Following the news about Wendy’s breach 3x scope previously reported, Brad Bussie, Director of Product Management, STEALTHbits commented below. Brad Bussie, Director of Product Management at STEALTHbits: “Based on the information coming out of Wendy’s, a different and difficult strategy should be considered. What they have shown over the past six months is that the scope of the malware infection is still unknown. They have a moving malware target that has grown from 300 locations, to five percent of locations, and now 1000 locations. When a company can no longer trust its end point servers operating globally, drastic actions may…