A recent influx of attacks on loyalty cards and schemes targeting companies including Hilton, Costa Coffee, British Airways and Tesco highlights it’s not just your passwords or money that cybercriminals are after. Take, for example, the recent hack on Hilton Worldwide, which saw its systems targeted through payment card-stealing malware. The global hospitality company has confirmed that the malware could potentially steal cardholder names, security codes, payment card numbers and expiry dates. Or look back to the hack on its loyalty card ‘Hilton HHonors’ last year. Brendan Brothers, a frequent traveler logged into his Hilton Honors account to find that…
ISBuzz Team
Cloud computing platforms and services have come a long way in the last few years. In 2010, the Cloud Industry Forum (“CIF”) found that just 48 per cent of UK-based organisations had consciously adopted a Cloud service1. That figure now stands at 84 per cent, with more than three quarters (78 per cent) of users having adopted two or more Cloud services. Many benefits can be achieved by moving data towards the Cloud and it’s no surprise that most organisations are beginning to realise its potential. However, for public Cloud services in particular, the key sticking point remains security. For…
UK cyber security innovator Glasswall Solutions sees data security rising to the top of the corporate agenda as organisations fail to cope with new threats and regulations Glasswall Solutions, the acclaimed UK cyber security company, today issued its top five predictions for 2016. The list covers the five key developments that Glasswall’s team of experts believes will have biggest impact on cyber security over the next 12 months. “Businesses around the globe now face unprecedented threats from every kind of hacker and cyber criminal,” said Greg Sim, CEO, Glasswall Solutions. “We believe the next 12 months will see some of…
New research from Panda Security shows that cybercriminals were creating new malware samples at a rate of more than 230,000 a day throughout 2015. Security experts from Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Travis Smith, Senior Security Research Engineer at Tripwire : “Cybercriminals know how good guys work. Historically, the good guys detected malware with signatures; a description of what the malware file looked like. Now, more often than not criminals are re-using existing malware using a technique called polymorphic code. This technique allows hackers to make the same piece of code look different on each infected…
You may have seen that Amazon Web Services has launched its ‘Certificate Manager’ platform this week, allowing developers access to free SSL certificates. While this will help developers avoid the costs of digital certificate renewal, it is not without its risks. Kevin Bocek, VP security Sstrategy at Venafi comment on the dangers of free SSL certificates from. [su_note note_color=”#ffffcc” text_color=”#00000″]Kevin Bocek, VP of Security Strategy and Threat Intelligence, Venafi : “With the launch of Let’s Encrypt, we anticipated others would follow in the same footsteps to offer free digital certificates. That’s why it’s not surprising to see Amazon Web Services…
As Downton Abbey star Jessica Brown Findlay opens up about the hacking scandal calling for better online policing, Intel Security comments on the issue of protecting our private content and where the responsibility lies with us. Raj Samani, CTO for EMEA, Intel Security haev the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Raj Samani, CTO for Intel Security EMEA: “It’s great to see Jessica bringing the issue of hacking private content back to the top of the news agenda. As so many of us live through the internet nowadays it is scary how easy it is for others to take advantage.…
A security researcher has said software developed by the UK intelligence agency GCHQ contains weaknesses making it possible to eavesdrop on phone calls. The security protocol is used to encrypt Voice Over Internet Protocol (Voip) calls. University College London researcher Steven Murdoch described vulnerabilities in how such conversations were encrypted. GCHQ said it did not recognise the findings. [su_note note_color=”#ffffcc” text_color=”#00000″]Brian Spector, CEO of MIRACL : “The MIKEY-SAKKE protocol is actually a secure protocol and has a number of great advantages over traditional public/private key cryptography. The issue is, like all identity based encryption protocols, that the private key is…
Following news that TalkTalk saw a significant drop in its market share following last year’s wide-scale cyberattack, Richard Parris, CEO at Intercede have the following comments on it. Richard Parris, CEO at Intercede : “The news today, from research group Kantar, of a significant drop in TalkTalk’s market share in the wake of the company’s most recent security scare, should be a wake up for all businesses. Consumers do care about the security of their digital assets and will churn to a competitor if you fail to protect them. “Businesses need to act now and stop relying on out-dated verification and…
The year hackers got your fingerprints, your health records, and your love life. 2015 will go down as another landmark year for big-time data breaches. Once relegated to the pages of industry publications, and shared like traditional war stories amongst groups of information security professionals at community events, data breach stories are now almost a permanent fixture in the mainstream media. Of course, major breaches are not a new thing. In prior years we’ve seen some sizable events that have all, in some way, gone down in the annals of information security history. What made 2015 different? It was the…
As a reader of Information Security Buzz, you are probably already familiar with all the different points of access that hackers and other threats use to breach the security measures that enterprises have set up to protect their data, such as social engineering, cross-site scripting flaws and unpatched windows machines. One of the potential vectors that is often ignored or at least underestimated is remote access software which is used by various service providers and which is very often not secure enough. Remote Access Software 101 In order to understand why remote access software plays such a pivotal role in…