Reveals call for minimum security standards IOActive, Inc., the worldwide leader in research-driven security services, today released the findings of the IOActive Internet of Things (IoT) Security Survey, completed by senior security professionals earlier this year[i]. While the IoT era of products brings innumerable advances and modern conveniences to the lives of consumers, the connected nature of these products creates unintentional ports to other sensitive and critical systems, data, and devices. When security is insufficient in even seemingly harmless household appliances, wearables, or other IoT products, it presents endemic vulnerabilities and risks. The IOActive IoT Security Survey, conducted in March…
Author: ISBuzz Team
Survey reveals lax state of network access security in mid to large businesses A new survey amongst IT Decision Makers in UK businesses with one thousand or more employees reveals that 49 per cent of respondents admit to retaining access to their employer’s network, often for many months after leaving the company. The survey, commissioned by Protected Networks, supplier of the 8MAN access rights management solution, highlights the poor track record of businesses in removing access rights for employees that have left the business. The survey, conducted by independent market research company Vanson Bourne, finds that three quarters of the 49 per cent who retained…
ACI unveils UP eCommerce Payments solution, empowering merchants to increase conversion rates NEW YORK and LONDON—June 2, 2016—ACI Worldwide (NASDAQ: ACIW), a leading global provider of real-time electronic payment solutions, will unveil the next generation of eCommerce payments today at the eCommerce Disruption Opportunity executive summit. UP eCommerce Payments empowers merchants and the payment service providers (PSPs) that serve them to capitalise on the $2.2 trillion global eCommerce opportunity by embracing payments innovation. The SaaS-based UP eCommerce Payments solution is the realisation of ACI’s eCommerce strategy, which began with the 2014 acquisition of Retail Decisions (ReD) and its market-leading solution for preventing and…
Adapting to rapidly changing technology is key to keeping up with – or even outrunning – competition. But sometimes internal staff don’t have the time or skills to manage complex IT infrastructure of office technology, making it necessary to seek out a supplement to your business’ IT department. The good news is there are a number of vendors that are keen to take the pressure off your internal IT staff by offering field service, where the vendor handles key parts of your on-site IT needs, such as hardware repairs or desktop and server support. Called managed service providers (MSPs), these…
Proofpoint researchers have detected a new version of the CryptXXX ransomware that introduces several updates and improvements, all of which increase the risks associated with this threat. In fact, shared network resources are now far more vulnerable to encryption by a CryptXXX-infected PC with the introduction of network scanning via SMB. CryptXXX is evolving fast – the developers behind it are already at Version 3.100, detected less than 6 weeks after Proofpoint researchers first identified the ransomware. The latest iteration not only bypasses the currently available decryption tool from but also 1) Uses SMB to scan for available network resources and begin encrypting…
In response to the news that the Tumblr breach now has 65 million passwords for sale on the dark web, Leo Taddeo, CSO, Cryptzone, commented below. Leo Taddeo, CSO, Cryptzone: The sale of large sets of stolen social media credentials should concern all cybersecurity professionals because the data is often used to mount highly effective spearphishing campaigns. As we know from the Verizon Data Breach Survey and other reports, spearphishing is one of the most common vectors for stealing valid credentials and injecting malware into hosts. For network defenders, one of the most effective countermeasures to malware and malicious use of valid credentials…
Technology has afforded consumers terrific conveniences, and with that, consumer patience has gradually dwindled. We now expect frictionless, real-time access to information, applications and networks. In light of the emphasis on convenience and the consumer experience, the traditional password is losing its foothold as the standard in authentication. Consumers no longer have the patience to fill out lengthy registration forms, or the free brain space to remember dozens upon dozens of usernames and passwords. In fact, a recent survey by Gigya found that 52 per cent of consumers would choose anything but a traditional username and password account registration when given the…
In response to the news that evidence is emerging of links tying a spate of Asian bank breaches involving the SWIFT network to North Korea’s Lazarus hacking group, Leo Taddeo, Chief Security Officer at Cryptzone, commented below. Leo Taddeo, Chief Security Officer at Cryptzone: Investigators should be cautious in assigning responsibility for the recent attacks on the SWIFT system. Any adversary that has the resources to develop highly customized malware is sure to know that strings of code are like fingerprints that could reveal their true identity. The perpetrators of this attack most likely used one or more techniques to cover their…
Following the news of a new Windows zero-day exploit that’s up for sale on the dark web for $90,000, Carbon Black’s chief security strategist provides insight on this news below. Ben Johnson, chief security strategist, Carbon Black: “Zero-day exploits such as this are particularly problematic, as traditional security solutions like anti-virus rely on blacklisting – they have a set of known threats that they detect, if a file doesn’t appear on their list, they let it through – so if the threat has never been seen before then this system falls down. “This is why organizations need to stop relying on AV…
Organisations of all sizes now have less than two years before the General Data Protection Regulation (GDPR) deadline. The deadline for organisations to meet new regulations around the treatment of personally identifiable information (PII), combined with expected volumes in data growth, could have huge implications for any business that processes personal data. Here to comment on this news is Gavin Siggers, Director of Professional Services at Iron Mountain. Gavin Siggers, Director of Professional Services, Iron Mountain: 2018 heralds the deadline for organisations to meet new regulations around the treatment of personally identifiable information (PII) which, when combined with expected volumes in data…