Following the news that the online editions of principal Swedish newspapers were knocked out for several hours by a cyber attack during the weekend, Igal Zeifman, Senior Digital Strategist at Imperva provides insight: Igal Zeifman, Senior Digital Strategist at Imperva: “We have seen an increase in what we term intimidation attacks using DDoS. These are meant to either retaliate against press and bloggers, or scare off others who might pick up a certain story. These attacks can have significant impact on the business operations of a media outlet, not to mention the freedom of the press. And with the size of…
ISBuzz Team
Research finding issued by SailPoint Technologies with its annual Market Pulse Survey – included findings that: a) one in five employees surveyed would sell their security passwords for the right price, b) 65% of respondents used a single password across multiple applications, and c) one in three employees purchase SAAS applications without informing IT, d) 84% worry their personal info is being shared, and e) 40% have access to applications after leaving their jobs. IT security experts respond: Tim McElwee, President, Proficio: “This recent research underscores the need to monitor the behavior of employees, including who is accessing what systems…
Apple’s iMessage system has a cryptography flaw that allowed researchers to decrypt a photo stored in iCloud, the Washington Post reported on Sunday. Here to comment on this news is Security Experts from Tripwire. Tim Erlin, Director, Security and IT Risk Strategist at Tripwire: “When researchers and software companies work in partnership around security research, the systems in use become more secure. The idea of encryption is simple to comprehend, but implementation in the real world is fraught with difficulty. Many of the security defects we’ve seen with encryption systems are problems in the implementation, rather than the math itself.…
Cybersecurity remains a key concern and a real threat to many businesses. As a recent study of 150 board members in the UK shows, the estimated average cost of lost data over one year could amount to as much as £1.2 million. Yet there still remains a lack of boardroom governance across the UK’s major industries. It prompts the question as to whether there are other aspects around security and critical infrastructure that are being overlooked by UK boardrooms, which could also result in significant financial loss if ignored. Protecting buildings and assets, communications and data systems, marine and transport…
In light of the news that Palo Alto Networks have identified new iPhone malware, here to comment on this news is Guillaume Ross, Senior Security Consultant, Strategic Services, Rapid7. Guillaume Ross, Senior Security Consultant, Strategic Services, Rapid7: If you need anything further please do get in touch? “AceDeceiver, as identified by Palo Alto Networks, is malware that has been spreading on iOS using techniques that have been observed in the past. One of these vectors, using Enterprise Certificates, is a technique often used to install legitimate software developed internally by a company. Since those certificates allow the installation of applications…
A hacker has gained access to Adele’s personal photos and released them, including a pregnancy scan of her son. The hacker reportedly accessed the photos through her partner’s email. Here to comment on this news is security experts from Lieberman Software, ESET, AlienVault, MIRACL and Tripwire. Jonathan Sander, VP of Product Strategy at Lieberman Software: “What’s interesting about this breach of Adele’s privacy is how closely it follows the pattern typical of corporate breaches. They suspect the attacker gained access through a poorly secured partner’s access. The breach itself was discovered by a third party and reported to the unsuspecting victim. These details closely mirror…
Financial Fraud Action UK released figures which found that fraudsters stole £755m from British consumers and financial institutions during 2015 – a 26% increase on the year before. The figures reported that remote banking fraud saw the biggest growth, leaping by 72% last year, with more than £168m being stolen from unsuspecting victims.Here to comment on this news is John Lord, MD of identity data intelligence specialists GBG who argues that we actually need more personal data to combat these rising levels of fraud. John Lord, MD of identity data intelligence specialists GBG: “As instances of fraud increase, so too does the…
There is 55% increase in online fraud in 2015 because of social media postings according to new research conducted by Get Safe Online. Here to commnet on this news is John Grimm, Director at Thales e-Security. John Grimm, Director at Thales e-Security: “Unfortunately, as e-tickets become more common, so does the risk of fraud. Without proper safeguards, e-tickets are much easier to replicate and fake than the traditional printed tickets and event organisers increasingly face the reoccurring issue of balancing user convenience with security. As more fans fall victim to fraud, it’s never been more important to look at how event…
Israeli software researchers have found a way to exploit Android’s Stagefright vulnerability, previously found to leave millions of devices susceptible to cyber attacks. Stagefright was originally described as ‘the worst Android bug ever discovered’, however the exploit – dubbed ‘Metaphor’ by its creators – marks the first time the vulnerability has been compromised in the operating environment. According to Jan Vidar Krey, head of development at Norwegian security specialists Promon, Android’s inconsistent patching and system updates leave far too much to chance, inviting cyber attackers to try their hand at executing malware on foreign devices: “Although Google released security patches for…
Check Point has revealed the most common malware families being used to attack organizations’ networks and mobile devices globally in February 2016. For the first time, malware targeting mobiles was one of the top 10 most prevalent attack types, with the previously-unknown HummingBad agent being the seventh most common malware detected targeting corporate networks and devices. Discovered by Check Point researchers, Hummingbad targets Android devices, establishing a persistent rootkit, installs fraudulent apps and enabling malicious activity such as installing a key-logger, stealing credentials and bypassing encrypted email containers used by enterprises, with the aim of intercepting corporate data. Check Point…