A new report out from the Office of the Inspector General claims the Nuclear Regulatory Commission’s cybersecurity center isn’t optimized to protect the agency’s network in the current cyber threat environment. The nation’s unclassified nuclear computer systems are vulnerable to cyber attacks because of generic security contracts that don’t spell out who is responsible for keeping an eye on them. Tim Erlin, director of IT security and risk strategy for Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire : “It’s always less costly to build security in from the beginning…
Author: ISBuzz Team
This weekend, The San Francisco Chronicle reported on PayPal and other companies buying stolen data from criminals, detailing the process and its importance to counter intelligence investigations. Mark Bower, global director, product management for HPE Security, have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Mark Bower, Global Director of Product Management, Enterprise Data Security for HPE Data Security : “The strategy of buying samples of stolen data can help with forensic investigations and an understanding of the criminal value chain where stolen data is bought and sold. Secondly, having access to what was stolen can help pattern match the digital fingerprints of…
An old “domain registration” scam is trying to catch Irish businesses off guard. The email we received follows the same pattern as similar “domain registration” scams we’ve seen in the past, going as far back as 2004. But it seems a certain number of people are still falling for it, which is why the cybercriminals are still using it and emailing Irish businesses with it. [su_note note_color=”#ffffcc” text_color=”#00000″]ESET Ireland In our case the subject line of the spam email was “About the eset” and the content of the email claims it comes from “the department of Asian Domain Registration Service…
As of September 2015, there were 1.55 billion monthly active Facebook users worldwide. That is a bunch of people for criminals to target and a ton of opportunity for cyber crime of all sorts. Even though Facebook has changed they way the world communicates, there is a dark side to the popular social media service. Criminals use Facebook for crime. Still, there are simple ways to protect from becoming a victim. First, knowing what to look for will save you a bunch of heartache. Second, making a few minor changes will make it harder for the criminals to get you.…
Following the Information Commissioner’s Office (ICO) declaration that tougher sentences are needed to deter data thieves, Esther George, who is Director of Cyber Crime and Prevention at 8MAN, and formerly a senior policy advisor for the Crown Prosecution Service and author of the Council of Europe Electronic Evidence Guide, as well Phillip Manning, Non-Executive Director at 8MAN have the following comments on it. Esther George, Director of Cyber Crime and Prevention at 8MAN: “The comments from Information Commissioner Christopher Graham on the need for greater sentencing powers reveals the continued disconnect between the actions of cyber thieves and the punishment that…
You may have seen the news that hackers carried out an attack on the database of Faithless, the electronic band, affecting the personal data of thousands of music fans. The data, including email IDs and passwords, has now been sold on the dark web yet, despite fixing the security issue once it had been flagged, those responsible for the database did not tell the affected individuals. As a result, around 18,000 Faithless fans were left unaware that their private information had been compromised. Security experts from Netskope and Veracode have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Eduard Meelhuysen, VP EMEA…
From Mission: Impossible to James Bond to today’s new spy thrillers, nifty gadgets have defined the genre, as our secret agent heroes more or less gain super powers by way of cool technology. The spy game is all about secrets, as cat and mouse games of surveillance and secured messages carry the action. While perhaps not as glamorous as most Hollywood scripts, a real life equivalent to this genre certainly exists that companies and individuals deal with every day. Businesses have corporate secrets to protect their competitiveness, and most hold private consumer or employee data that they are required by…
Cloud-based security solution minimises an organisation’s attack surface by governing and securing federated access by outsourced IT, vendors and other third parties Centrify, the leader in securing enterprise identities against cyberthreats, announced a major advancement in its Privileged Identity Management solution. Centrify is now the first vendor in the industry to support federated privileged access across an organisation’s entire security eco-system, including secure outsourcing of IT and application development. The solution is designed for an enterprise’s hybrid IT environment of cloud, mobile and on-premises and leverages the Centrify Identity Platform. Coupled with other major new features such as application-to-application password management…
Although 46 Percent of Global Organizations Received Customer Requests to Remove Data in Last 12 Months, 41 Percent Lack Defined Processes, Documentation & Technology, According to Blancco Technology Group Study To kick off the formal ratification of the EU General Data Protection Regulation by the European Council in early 2016, Blancco Technology Group today released its new data privacy study, EU GDPR: A Corporate Dilemma. Based on a survey of over 500 global IT professionals across more than 20 types of businesses, the study indicates that organizations lack defined processes, documentation and technology to adequately address the “right to be…
You’ve heard about penetration testing, but you’re not sure what to ask or where to start. Here are some of the questions you should ask, and the answers you should get from a testing company. What Is A Penetration test? Logical question. But, not too many people ask this one. You should. A pen test is an attempt to penetrate your security by testing and evaluating its weaknesses. Testers do this by exploiting vulnerabilities in the server, networking system, and your employees. Some tests include remote, onsite, and social engineering attacks. The five most common phases of any test include…