I was in a restroom the other day and I noticed a food service worker exiting a stall with his cell phone in his hand. My apologies if you are reading this at breakfast. The food service worker placed the phone in his pocket, and diligently washed his hands before returning to work. What is wrong with this picture? The problem is that if he was using the phone while in the bathroom, the phone is likely to have picked up bacteria or other matter along the course of its use. Numerous studies, some of which date back more than…
ISBuzz Team
The cyberattacks against the Ukrainian electric power industry continue. Background information on this story can be found in our recent publications: BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry BlackEnergy and the Ukrainian power outage: What we really know [su_note note_color=”#ffffcc” text_color=”#00000″]Robert Lipovsky at ESET : We discovered a new wave of these attacks, where a number of electricity distribution companies in Ukraine were targeted again following the power outages in December. What’s particularly interesting is that the malware that was used this time is not BlackEnergy, which poses further…
Every organization has data flowing into and out of the organization. Along with any data comes the risk of malware. To protect against threats, most organizations implement anti-malware solutions at different entry points, such as email, web, and portable media. However instead of tackling each entry point as a separate anti-malware project, organizations should treat secure data workflow as a complete process that addresses data cyber security in the company as a whole. By combining the different elements into one process, organizations obtain a complete overview, decreasing the chance of overlooking things and allowing them to benefit from synergies and…
In response to the news that the Irish National Lottery website and ticket machines were brought down by a DDoS attack, Igal Zeifman, senior digital strategist at Imperva have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Igal Zeifman, Senior Digital Strategist at Imperva : “As a rule, record setting prizes and jackpots result in traffic spikes on lottery sites and it is very common for DDoS attackers to strike during such predictable peak traffic times, especially when going after big targets. Such attacks maximize the damage potential of the assault by applying additional pressure on the already-strained organizations and network infrastructures.”[/su_note] [su_box title=”About Imperva®”…
The highest European Union court has declared Safe Harbor invalid. Companies around the world must undertake an immediate reassessment of IT, data storage and eDiscovery policies At the end of last year, businesses that relied on the Safe Harbor protocol to transfer data method between the EU and the US had to conduct a major review and policy shift following a landmark decision by the Court of Justice of the European Union (CJEU). It came about because, in the last quarter of 2015 the court invalidated the EU-US Safe Harbor agreement, stating that the agreement failed to provide adequate protections…
The DDoS Environment Before we look at how an attack affects you and everyone in your network, here’s a quick primer on what a DDoS attack is. A typical brute force DDoS attack comes from a botnet – an enormous network of malware-infected devices, often numbering in the millions, that cyber criminals use to lock up your website. Many infected computers and mobile phones are unwitting components of a botnet as people browse the Internet unaware of enabling any malicious activity. This cycle perpetuates itself creating a self-sustaining chain of criminal activity. At the center are the victims from whom the cyber…
Eighty-two percent of oil and gas IT professionals see significant increase in successful cyberattacks Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a study conducted by Dimensional Research on the cybersecurity challenges faced by organizations in the energy sector. Key findings of the study include: Eighty-two percent of oil and gas industry respondents said their organizations have seen an increase in successful cyberattacks over the past 12 months. Fifty-three percent of oil and gas industry respondents said the rate of cyberattacks has increased between 50 and 100 percent over the…
Late last year the NHS suffered bad press from the discovery of widespread corrupted apps in their now-closed Health app store. However, the technical directors don’t seem to have addressed inherent security flaws, and have recently been found to be approving corrupted apps according to audits carried out by a security provider.According to Norwegian security specialist Promon, the NHS must quickly overcome delays in security improvements if they are to maintain the confidence of their patients. Tom Lysemose Hansen, founder and CTO of Promon, warned of the ramifications of failing to address the problem: “A leak of private medical records…
ESET study reveals that only 53 percent of devices get returned to owners, which begs the question – what happens to the other 10,004? A new study from internet security firm ESET has revealed that memory sticks, mobiles phones and dead rats are just some of the items dry cleaners find in dirty clothes each year. The study revealed that 22,266 USB memory sticks and 973 mobiles phones are left in pockets and a staggering 45 percent of the devices never get returned to their owners. As part of the research, ESET surveyed 500 dry cleaners across the UK in…
Kaspersky Lab has discovered a zero-day vulnerability in Silverlight, a web technology used to display multimedia content. The vulnerability would allow an attacker to gain full access to a compromised computer and execute malicious code to steal secret information and perform other illegal actions. The vulnerability (CVE-2016-0034) was fixed in the latest Patch Tuesday update issued by Microsoft on January 12, 2016. The discovery was the result of an investigation that started over five months ago from an article published by Ars Technica. In the summer of 2015 a story about the hacker attack against the Hacking Team company (a…