Following the news that Wendy’s POS breach larger than first reported, Péter Gyöngyösi, Blindspotter Product Manager, Balabit commented on this news below. Gyöngyösi, Blindspotter Product Manager at Balabit: “The slow but steady transition underway in the US that would eventually replace classic magstripe cards with chip-and-pin ones will certainly reduce the breadth of such attacks, as it will no longer be possible to just simply dump the information stored on these cards and clone them by the millions. But all is not fixed: chipped cards have been in use for a decade in Europe and credit card fraud is still happening,…
Author: ISBuzz Team
EMEA organizations not up to the challenge of stopping advanced threats; dwell time three times longer than global average FireEye, Inc. (NASDAQ: FEYE), the leader at stopping today’s advanced cyber attacks, today announced the release of the first Mandiant® M-Trends® EMEA report. M-Trends EMEA drills down into the statistics collected during investigations conducted in EMEA by Mandiant’s leading consultants in 2015 and details leading cyber trends and tactics threat actors used to compromise businesses and steal data. Some of the key findings include: – Organizations in EMEA took three times longer to detect a compromise The mean dwell time (time between compromise and…
Where the self-driving cars provide lots of facilities at the same time they may be the troublesome innovation to travel that we have experienced in a century. The biggest, particular concern with regard to self-driving cars is data privacy and cyber security risks. Pat Clawson, Blancco technology Group CEO commented below on the need for new legislation to protect self-driving cars users’ data privacy. Pat Clawson, CEO at Blancco technology Group: “Self-driving cars are bringing out a lot of debate about the need for new legislation to protect users’ data privacy. The issue really comes down to the size of the car market (buying,…
Introduction: Zscaler ThreatLabZ recently came across a new wave of malicious documents evading automated analysis systems using a new technique. Malicious executables that leverage numerous techniques to detect the virtual environment and automated analysis systems are very common, but we are seeing an increasing trend of such techniques moving to the initial delivery vector (i.e. weaponized documents). In this blog, we look at some of the anti-VM and anti-sandboxing techniques seen in the recent malicious documents including the newly added check of Microsoft Office RecentFiles count. Weaponised Documents & anti-VM tricks: Malware authors leveraging documents with macros to download and install…
The potential benefit IoT can bring to an economy is growing at a rapid pace: recent figures show big data and IoT together are expected to generate £322 billion in revenue for the UK economy from 2015 to 2020 alone. Analyst firm Gartner has also recently highlighted the top IoT technologies that should be on every organisation’s radar through the next two years. The analyst emphasised these technologies will have a very broad impact, affecting numerous key areas of an organisation, including its business strategy. However, while the revenue opportunity is ripe, the approach to changing business strategy to capitalise on potential income may…
Endpoint hunting identifies active and dormant malware missed by security monitoring, drastically reducing the breach detection gap and strengthening defense-in-depth strategies Infocyte, a provider of agentless hunt technology that eradicates malware and persistent threats, today released Infocyte HUNT™ v2.0 (formerly called Infocyte Pulse). The agentless threat hunting platform now features the ability to scan Linux endpoints in addition to Windows, improvements to the malware analysis engine and user experience, and enhanced performance to consistently identify both active and dormant malware on an endpoint within minutes. Proactive threat hunting with Infocyte HUNT reduces the breach detection gap and is a critical part of any…
Following the news that the Russian seller, who goes by the name Tessa88, claimed in an encrypted chat on Tuesday to have obtained Twitter’s database, which includes email addresses, usernames and plain-text passwords, there below the comments from different security experts. Tod Beardsley, Security Research Manager at Rapid7: “While the credentials themselves appear to be real, the details provided by LeakedSource indicate that the usernames and passwords are sourced from end users rather than from Twitter itself. Specifically, it appears that the credentials were harvested from individual browsers password stores, which is troubling. We often recommend people save their passwords off in dedicated password…
A while ago, ESET warned about a Ray-Ban scam campaign flooding Facebook via hacked profiles. Using fake ads that offered massive discounts, attackers tried to lure users into “buying” branded sunglasses, thus giving up their payment card details via an unsecured channel. Spread mostly via posts disguised as ads for Ray-Bans, the scam also tags a small group of the intended victim’s friends. Attackers have also created a lot of bogus Facebook pages and events indirectly leading users to visit their scam stores. Other channels used to spread this hoax included communication apps such as WhatsApp, Viber, iMessage or Facebook Messenger. Yet,…
Recent research has shown that a third of UK firms are stockpiling digital currencies such as bitcoin, in order to pay hackers to release their data in the event of a ransomware attack. This is an extremely dangerous course of action if it comes at the expense of preventative security measures, and increases the likelihood of severe consequences as a result of a data breach. The research polled 250 IT security specialists at large companies across the UK. In addition to the figure on cryptocurrency stockpiling, 35 per cent of businesses with over 2,000 employees would be willing to pay over £50,000 to…
Security breaches have become ever present within our society today, with news of breaches, such as those to baby care retailer Kiddicare and social media giant LinkedIn, gracing the front pages most mornings. With cybercriminals having an increasing presence within our rapidly evolving online society, scenarios such as the above are likely to become a more everyday occurrence unless the right measures are put in place. The cost of the average data breach rose dramatically in the last twelve months[1], with the average cost for companies increasing to $3.79 million once lost business, compliancy fines and reputational damage are taken into…