Following the news on the latest DNC breach, Costin Raiu, Director at Kaspersky Lab’s Global Research and Analysis Team, commented below. Costin Raiu, Director at Kaspersky Lab’s Global Research and Analysis Team: Kaspersky Lab is familiar with and detects the activities of both the Sofacy and CozyDuke APT groups, which are also known as Fancy Bear and Cozy Bear. One of the most worrying things about the DNC breach is that according to published information, the CozyDuke threat actor was able to penetrate the organisation’s perimeter, apparently through a phishing attack, and move freely around the network for a whole year before being detected – by which time another advanced threat…
Author: ISBuzz Team
Following the news that Japan’s largest travel agency, JTB Corp, had 7.93 million passport details, home and email addresses stolen by hackers, Guy Bunker, Senior Vice President at Clearswift, commented below. Guy Bunker, Senior Vice President at Clearswift: “While the company can’t blame the employee for opening the email, the company is itself to blame and cannot shirk its responsibility. The increasing use of embedded malware in innocuous looking documents is not something which can be glossed over – there have been many incidents recently, especially with ransomware and in the healthcare sector. There is a need for businesses to look…
Following the news that 45 million accounts from home, tech and sport forums have been stolen after hackers infiltrated media company, VerticalScope, Jonathan Sander, VP of Product Strategy at Lieberman Software and Javvad Malik, Security Advocate at AlienVault commented below. Jonathan Sander, VP of Product Strategy at Lieberman Software: As more and more sites are breached and passwords are stolen, the hope is that users are getting the message that password use is not OK. If a bad guy gets access to their sports forum account, they probably are only in danger of angering the folks in their local clubhouse with…
The Ponemon Institute has found that data breach costs are rising, now reaching $4m per incident. Daniel Miessler at IOActive commented below about the relationship between data breaches and reputation damage. Daniel Miessler, Director of Advisory Services at IOActive: “The relationship between data breach and reputation damage (and then to lost revenue) is not as straightforward as one might think. It seems intuitive that the correlation would be strong and direct—you get hacked and you lose stock price and/or revenue due to the damage suffered by your brand. The reality, however, is more complex, and there are a couple factors…
A new type of ransomware has been discovered which, unlike other types, uses only JavaScript. IT security experts from Imperva, AlienVault, Lieberman Software and ESET discuss how big of a threat this is. Amichai Shulman, CTO and Co-Founder at Imperva: “Organizations should have good backup processes and real time file activity monitoring in place. The former ensures that no long-term damage can be done either on a work station or a file share. The latter ensures that infected individual machines cannot affect file servers. The interesting thing about this attack vector is that it shows how simple Ransomware is and how…
Securing an enterprise’s infrastructure is an increasingly complex task, but one that channel partners are able to address if they have the right skills and solutions portfolio. Managed security services also provide a key revenue opportunity for solution providers and can offer relief for customers that may not have the expertise or resources to tackle IT security challenges themselves.
Key trends in terms of emerging threats to IT security
Enterprises are increasingly victims of advanced persistent threats (APTs) that carry out targeted malicious attacks. In addition, APTs are also influencing the evolution of malware. We see this through the sophisticated…
Positive Technologies’ researchers able to compromise many popular social media sites by hacking SS7 network, intercepting an OTP, resetting passwords and taking ownership of accounts
London (UK). Positive Technologies, a leading provider of vulnerability assessment, compliance management and threat analysis solutions, today confirmed its researchers have exploited a flaw in the SS7 protocol to intercept one-time passcodes (OTP) used by many online services to reset passwords. Facebook, WhatsApp, Telegram, Twitter and many other online services offer password resets via SMS message, but instead of strengthening security, this ability actually introduces a vulnerability that hackers can, and will, exploit. Positive Technologies’…
Following the news that children as young as 11 are being warped by online pornography, security expert Raj Samani, CTO of Intel Security, commented below. Raj Samani, CTO at Intel Security: “Today’s news from NSPCC that half of 11 to 16-year olds have seen explicit material online is yet another reminder of the potential dangers open to ‘smartphone kids’. Recent research from Intel Security found that only 40% of children aged between 5-12 years old are being supervised whilst using the internet, and over a third of parents have not made an attempt to find out what their child…
Kaspersky Lab researchers have investigated a global forum where cybercriminals can buy and sell access to compromised servers for as little as $6 each. The xDedic marketplace, which appears to be run by a Russian-speaking group, currently lists 70,624 hacked Remote Desktop Protocol (RDP) servers for sale. Many of the servers host or provide access to popular consumer websites and services, and some even have software installed for direct mail, financial accounting and Point-of-Sale (PoS) processing. They can be used to target the owners’ infrastructures or as a launch-pad for wider attacks, while the owners, including government entities, corporations and universities, have little or no idea of what’s happening. xDedic is a powerful example of a new kind of cybercriminal marketplace: well-organised and supported.…
Following the news that Adobe is expected to release a patch for CVE-2016-4171, Tod Beardsley, Security Research Manager at Rapid7 commented below. Tod Beardsley, Security Research Manager at Rapid7: Adobe is expected to release a patch for CVE-2016-4171, which fixes a critical vulnerability in Flash 21.0.0.242 that Kaspersky reports is being used in active, targeted campaigns. Generally speaking, these sorts of pre-patch, zero day exploits don’t see a lot of widespread use; they’re too valuable to burn on random acts of hacking. So, customers shouldn’t be any more worried about their Flash installation base today than they were yesterday. The…