The number of users attacked with encryption ransomware is soaring, with 718,536 users hit between April 2015 and March 2016: an increase of 5.5 times compared to the same period in 2014-2015. The irreversible consequences of this kind of malware infection, along with the high value data that is being encrypted by ransomware, tempts victims to pay for decryption, which in turn draws more cybercriminals into the business. It’s no secret that crypto-ransomware, which encrypts data on users’ systems has become a huge problem for cybersecurity over the last few years. It has become so widespread that it could easily…
ISBuzz Team
Carbonite has fallen victim to a password-reuse attack and is asking users to change their passwords. IT Security experts from MIRACL, Lieberman Software, ESET, AlienVault and Imperva commented below. Brian Spector, CEO at MIRACL: “Password re-use is one of the biggest problems with the username and password system. We’re all human, and it’s difficult to remember a different password for each online service that you use, so it’s not surprising that so many people use the same password across multiple sites. This of course makes hackers’ jobs much easier, because they don’t even need to hack into new databases anymore to reap…
The Cisco Talos blog reported newly discovered vulnerabilities in the widely used libarchive open-source programming library. Cisco Talos reports that it has worked with the maintainers of the archive to patch what it calls three rather severe bugs in the library. Cisco Talos encourages users to patch/upgrade related, vulnerable software. Christopher Fearon, research director at Black Duck Software, which helps organisations to identify, secure and manage open source software in the enterprise commented below. Christopher Fearon, Research Director at Black Duck Software: “This is another example of a widely used component that is also consumed by other open source packages,”…
With new waves of ransomware attacks striking headlines everywhere, it’s truly time to take a proactive stance against malware. But, drawing on experience, most IT professionals cringe at the impact endpoint threat protection may have on user productivity. Users simply want something that’s more transparent. In fact, according to a recent study performed by Dimensional Research: The Value of a Great Desktop Experience, as many as 62% of business users identified security that is not intrusive as an important factor to a great desktop user experience. Even so, as many as 35% of IT professionals still limit their end users’…
In September 2015, China agreed to a series of accords with the US, UK, and G20 barring Beijing from conducting cyber-enabled economic espionage with parties around the world. Since, the key question has been: is China complying with those agreements? FireEye analysed the activity of 72 China-based cyber threat groups since early 2013 and found a substantial decline that began to occur in mid-2014. It analysed 262 incidents of compromise. China’s espionage activity has hit companies around the world. Of those, 80 incidents affected organisations in 13 countries in the Europe, the Middle East and Africa since 2013. (Europe (9):…
Following the TalkTalk breach the Department for Culture, Media and Sport has now issued a cyber security report recommending a variety of new measures including penalties for CEOs when preventable breaches occur. Charles White, founder and CEO of cyber risk specialist IRM commented below. Charles White, Founder and CEO at IRM: “After many years of issuing best practice advice to try and improve the cyber security of UK Plc, it appears the government is now taking a much firmer hand in getting the attention of executives. However, with previous voluntary schemes such as Cyber Essentials largely going unheeded, we need more than reports and…
Threat research for May 2016 shows a continuing rise in the number of active malware families attacking business networks; banking malware increases Check Point㈢ published its latest Threat Index, revealing the number of active global malware families increased by 15 percent in May 2016. Check Point detected 2,300 unique and active malware families attacking business networks in May. It was the second month running Check Point has observed an increase in the number of unique malware families, having previously reported a 50 percent increase from March to April. The continued rise in the number of active malware variants highlights the wide…
Dear Editor, As the recent Federation of Small Businesses (FSB) study* highlights, the UK’s small businesses are today more at risk of cybercrime than ever before. Yet, the majority lack both the resources and the skills to put in place appropriate protection, resulting in a lack of security with a total annual cost to small business of around £5.26 billion over 2014 and 2015. Voice over Internet Protocol (VoIP) is one of the rising technologies that many SMEs are now using in order to cut costs and increase operational flexibility. Alongside cloud computing, VoIP is a key component in today’s…
Google has paid out £376,000 ($550,000) in bug bounties to 82 different people over the last 12 months as to reward those who find vulnerabilities on its Android platform. Paul Farrington, Manager, EMEA Solution Architects at Veracode discusses on this report below. Paul Farrington, Manager, EMEA Solution Architects at Veracode: “The number of cases and the significant sum paid as part of Google’s bug bounty programme continues to demonstrate the value of responsible disclosure to companies. “However, not all organisations can’t rely on ethical hackers to find the flaws for them. Malicious actors are constantly applying the same techniques to websites and applications, and…
The Computer maker Acer’s U.S. webstore was breached for nearly a year, potentially exposing credit card data, names and mailing addresses of 34,500 customers. John Peterson, vice president of Enterprise Product Management at Comodo commented below. John Peterson, vice president of Enterprise Product Management at Comodo: 1. Practice Good Password Hygiene Create strong passwords using a hard-to-guess combination of uppercase and lowercase letters, numbers and symbols or special characters. Don’t use common names, dates, your pets’ or kids’ names, street addresses, birthday dates or other facts that attackers could easily find out about you on social media, public records or the Internet. Also, use separate passwords for each account,…