BACKGROUND: In “The State of Secure Online Holiday Shopping,” NTT Application Security reports that in a study 1,057 online shoppers over the age of 18, most will remain with a retailer after a data breach, even if it was of their own data. A full 94% said they understood the risks of shopping online, yet only 25% would change retailers after a breach. Findings: False sense of security – 58% felt their data was protected while shopping online57% felt secure storing their credit card data on a mobile app55% felt secure storing their credit card information in a digital wallet69%…
ISBuzz Team
BACKGROUND: News broke overnight that California Pizza Kitchen has suffered a significant data breach, exposing the SSNs of its current and former employees. Currently, the breach is under investigation and the cause is unknown. The company discovered a disruption on September 15. The Office of the Maine attorney general disclosed that a total of 103,767 current and former CPK employees have been affected by the incident.
BACKGROUND: This morning the BBC reported that organisations working on Covid-19 vaccine research were one of the main targets of cyber-attacks dealt with by UK computer security experts last year as 777 incidents occurred between August 2020 and September 2021.
BACKGROUND: Researchers at Avant Analytics have released The 6-12 Report: SASE, reporting that 90% of IT leaders plan to implement secure access service edge (SASE) migrations into their current framework. Excerpts: SASE is a security model, typically cloud-based, which bundles software-defined networking with network security functions, all of which are delivered by a single provider using multiple points-of-presence (POPs)…The SASE market will grow at a compound annual growth rate of 116%, CAGR, attaining a market value of $5.1 billion by 2024. – Dell’Oro GroupMore than two-thirds of the respondents in our survey point to security as the main benefit of…
BACKGROUND: In response to reports that a new study produced by Cybereason found that organizations are significantly more vulnerable to ransomware attacks during weekends and holidays, Information Security Expert offers the following comment.
BACKGROUND: It has been reported that the National Cyber Security Centre (NCSC) said it tackled a record number of cyber incidents in the UK over the last year, with ransomware attacks originating from Russia dominating its activities. The cybersecurity agency said it had helped deal with a 7.5% increase in cases in the year to August, fuelled by the surge of criminal hackers seizing control of corporate data and demanding payment in cryptocurrency for its return. Paul Chichester, director of operations, said that “ransomware has certainly dominated a significant portion of year” and that the hacking epidemic had become “global…
FOI request conducted by Armis shows 41% of NHS Trusts don’t have a real-time risk register of all digital assets connected to their networks Armis, the leading unified asset visibility and security platform provider, today released figures from a Freedom of Information (FOI) request to over 80 NHS Trusts that highlighted compliance and device management complexities could be creating critical cybersecurity gaps. The study confirmed that while 85% had identified all devices, including medical devices, on the Trust’s network, 41% had no real-time risk register of these assets and one in three did not identify and monitor all medical devices being…
BACKGROUND: The Verge say Robinhood has revealed that “several thousand entries” in a list obtained by hackers included phone numbers, indicating that a November 3rd security breach compromised more information than the company originally reported. More precisely, the list contains around 4,400 phone numbers according to Motherboard, which reportedly obtained the list from a “proxy for the hackers.”
BACKGROUND: Researchers from , GData, Cryptolaemus, and Advanced Intel have reported seeing the TrickBot malware downloading DLLs for Emotet on infected devices. In January of this year, an international effort including eight countries dismantled the Emotet infrastructure and arrested two individuals, but now it’s back and spreading. GData blog Excerpts: On Sunday, November 14, at around 9:26pm UTC we observed on several of our Trickbot trackers that the bot tried to download a DLL to the system. According to internal processing, these DLLs have been identified as Emotet. However, since the botnet was taken down earlier this year, we were…
BACKGROUND: The House Oversight and Reform Committee today released a staff memo on investigations into ransomware attacks including the Colonial Pipeline attack and JBS meat producer. The memo, a result of a committee panel investigation, conclude that “small lapses” contributed to successful ransomware attacks, including lacking point of contacts with the federal government and pressures to pay attackers to restore systems.