Following the news about a hacker is advertising hundreds of thousands of alleged records from healthcare organisations on a dark web marketplace, including social security and insurance policy numbers, while also holding the organisations to ransom. IT security experts from Tripwire and MIRACL commented below. Travis Smith, Senior Security Research Engineer at Tripwire: “The next stage of ransomware has finally arrived. Traditional ransomware is a semi-automated process in which the malicious software infects the victim and encrypted as much critical data as possible. However, the victim could easily forgo the ransom in lieu of restoring from recent backups. This is the next…
ISBuzz Team
But most IT security professionals are still not training them – leaving their organisations at risk of fraud and ransomware Almost half of those who work in the IT security industry (49 percent) believe that their CEO or executives have fallen victim to targeted phishing scams, according to new research conducted by Unified Security Management™ and crowd-sourced threat intelligence leader, AlienVault®. The research, which surveyed the attitudes of around 300 IT security professionals at the Infosecurity Europe conference, found that more than three-quarters of respondents (82 percent) worry that their CEOs and executive board are still vulnerable to phishing threats, such as CEO…
Blancco Technology Group Study Uncovers Exposed Social Security Numbers, Financial Data, Resumes, Company Emails, CRM Records and Spreadsheets Ecommerce sites are reselling used electronics without permanently erasing data from them, according to The Leftovers: A Data Recovery Study released by Blancco Technology Group. Based on an analysis of 200 second-hand hard disk drives and solid state drives purchased from eBay and Craigslist in the first quarter of 2016, 67 percent of the used drives contained personally identifiable information and 11 percent held sensitive corporate data, including company emails, CRM records and spreadsheets containing sales projections and product inventories. The study’s findings reiterate just…
Cyber threats are evolving, fast. From social engineering to exploring the dark web for company specific information, even placing rogue individuals into an organisation as employees, criminal gangs are embarking upon increasingly targeted attacks. The implication for organisations is serious: while the tools employed by IT teams to secure the business are increasingly sophisticated, they are also generic and simply cannot counteract the specific, increasingly intelligence led attacks now in force. Organisations need to fight intelligence with intelligence. Are employees trustworthy – and if so, are they switched on to the risks associated with social networks? Are potential business partners,…
In response to the news that security researchers have discovered a massive network of hacked CCTV cameras which is being used to bring down computers around the world, security experts at Imperva and Prpl Foundation commented below. Igal Zeifman, Senior Manager at Imperva: “Security cameras are among the most prevalent and least protected IOT devices. Moreover, many have high upload connections, meant to support their remote streaming functionality. For these reasons security cameras are prime targets for botnet herders, who are always looking to add more devices to their “flock”. In the past few years, we have seen several examples of CCTV botnets being used for high profile DDoS…
Annual cybersecurity event challenges experts and acts as a model for industry HackFu, an annual cybersecurity challenge hosted by MWR InfoSecurity, came to a dramatic conclusion on Saturday 11th June. This year taking place within Newhaven Fort, on the South Coast of England, the event saw over 100 security experts working together, both remotely and on-site, to decrypt messages, complete challenges and many other activities to foil a fictional nuclear bomb plot. Thankfully they were successful in their mission, diffusing the final device with seconds to spare! The theme of this year’s HackFu was a spoofed military academy, known as…
Following the news about an online petition calling for a second EU referendum has been hijacked by automated bots adding false signatures. The House of Commons petitions committee said it had removed 77,000 signatures and was investigating. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Bots come in various guises and can cause damage to a website or the integrity of its data via content theft, click fraud, traffic fraud, comment (or in this case petition) spam, server slowdowns etc. Any public-facing website, particularly sites such as online petitions which trigger actions when a…
One of the most common ways people become a target for fraud is through phishing – falling victim to fraudulent emails posing as legitimate sources. With mobile banking now a staple of smartphone use and paperless banking being touted by financial institutions, confidential financial data has never been more vulnerable, for both banks, businesses and consumers alike. People want to check statements and transfer money whenever they choose – even in the workplace. Clicking on a malicious link while at work in the hope of checking statements or transferring money can expose the entire company. A study by the Ponemon Institute showed malicious attacks…
Oculus Rift apps are once again running on the HTC Vive but we do not think that this will save the Vive or HTC as the road for its VR hardware is pointing to commoditisation. Richard Windsor From Edison Investment Research commented below. Richard Windsor, Analyst at Edison Investment Research: “Oculus Rift apps are once again running on the HTC Vive but we do not think that this will save the Vive or HTC as the road for its VR hardware is pointing to commoditisation. A firmware update for the Oculus Rift prevented its apps from running on the Vive which to us made no sense as Facebook is not pursuing…
Mobile devices are ruling the world. Whether they are being used for consumer or business purposes, we will continue to reach new records over the coming years. According to June 2016 figures from IDC, global shipments are expected to reach 1.84 billion in 2020. With the dependency and plethora of technology devices available, managing mobility across the enterprise is now critical. Employees are able to access company data wherever they are and while companies benefit from improved customer service delivery and business productivity, the rate of adoption leaves areas in the corporate estate vulnerable if not managed correctly. Even with…