It is high noon. The one (and only) security analyst for a midsize business, needs to prepare for a PCI compliance audit. Meanwhile, a phishing email baits an account payable clerk at a regional office to access a malicious site and his workstation is infected with a financial Trojan. At closing that day, $500,000 from the corporate bank account had gone missing – on their way to an off shore account. It turns out, the office UTM appliance was last updated several months ago due to a configuration error. Alerts were issued, but there was simply no time and resources…
ISBuzz Team
SMS PASSCODE’s Pick of This Year’s Most High Profile Data Breaches If you’re an analyst who predicted that cyber attacks would go through the roof this year, 2015 has not been a disappointment. True to industry predictions, more security breaches through hacking have hit the headlines than ever before. Whether the target is a massive corporation or a small business, no organization is too big or too small to escape hackers’ scrutiny. Although this is by no means an exhaustive list, SMS PASSCODE’s annual “Top Ten Global Hack Attacks” showcases some of the most high profile hacks this year, showing how…
Recently there has been an upward trend in the usage of managed service providers (MSPs). Up until the present, MSPs have mostly been contracted to help with technical and equipment issues. ITS believes that there are three areas where MSPs will start to grow and become more popular. These predictions reflect trends that are already becoming apparent in the industry. ITS’s three predictions for 2016 are : Prediction #1: Managed service providers will become more popular amongst small to midsized businesses. Outsourcing IT support services to a MSP will be important for SMEs whose internal staff don’t have the time…
Certain Lenovo computers can be hijacked by malicious websites because of security flaws in software that comes preinstalled from the factory. Tim Erlin, director of security and product management at Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire : “We’ve blurred the line between hardware and software suppliers with companies like Lenovo, Apple, Samsung and HTC. When the vulnerability is in software supplied by the same company delivering the hardware, the economic impact and remediation options necessarily shift. These blurred-line companies have a vested interest in avoiding solutions that simply…
The Communications Fraud Control Association (CFCA) has announced the results of its Global Telecom Fraud Survey, reporting an 18% decrease in communication fraud since 2013. CFCA attributes this increase in collaboration and coordination among carriers in identifying and stopping fraudulent activity following the 2013 report, but Angela German, Director of Marketing of VoipSec calls for the CFCA to substantiate this statement, and questions the conclusions of the report. Comparing the 2013 and 2015 reports is not the easiest task because of variations in the questions and styles of reporting. The 2015 report shows IP PBX hacking (described as VoIP hacking…
Customers’ credit card information, passport data, purchase data and other Personally Identifiable Information (PII) was being sent unencrypted from smartphones when users are purchasing items from major brands’ mobile websites and apps. Companies identified include easyJet*, Chiltern Railways, Aer Lingus, AirAsia, Air Canada** and 11 other companies, ranging from taxi firms (KV Cars in the UK and American Taxi in the US) to giftcard and event ticket providers (Sistic in Singapore). Security experts from Wandera, Tripwire and Lieberman Software have the following comments on this bif flaw. [su_note note_color=”#ffffcc” text_color=”#00000″]Eldar Tuvey, CEO at Wandera : “We believe there are two likely reasons…
Tripwire security researchers offer practical cybersecurity advice for consumers Cyber Monday is the heaviest online shopping day in the United States, with last year’s sales exceeding $2 billion within 24 hours. Unfortunately, for bargain-hungry consumers, the holiday shopping season is a bonanza for cyber criminals. “The holiday season is the perfect time for attackers to target online shopping sites, since the increased traffic means more potential targets,” said Lamar Bailey, director of research and development at Tripwire. “Consumers need to be extra cautious when they shop online. The good news is that anyone can dramatically reduce the risk of being…
ENITSE Enterprise IT Security Conference & Exhibition will be held on 17-18 May 2016 in Istanbul, Turkey. ENITSE is one of the most important events in EMEA in its category. An intensive participation is expected to the ENITSE 2016 Conference and Exhibition from Turkey and many other countries of the world. The Agenda (Conference Program) of ENITSE 2016 is published on the conference website. Sponsorship and delegate registrations are open. There is an early bird sponsorship pricing which is valid until 22 January 2016. The early bird delegate pricing is valid until 04 March 2016. IT Security, Network Security, Big…
Our research team exposed a critical security vulnerability appearing in various Anti-Virus (AV) products which has the potential to turn the Anti-Virus to an attack-enabler tool. This issue is not necessarily constrained to security solutions, but potentially to any intrusive application such as data leak prevention (DLP) and performance monitoring solutions. Due to the pervasiveness of Anti-Virus products – a market valued at $3.5 billion, with about 400 million seats, this vulnerability potentially affects millions of Anti-Virus customers. [su_note note_color=”#ffffcc” text_color=”#00000″]Tomer Bitton, Co-Founder and VP Research at enSilo : Background While at a customer site in March 2015, the enSilo product…
The ongoing war in Syria has seen the number of fraudulent emails targeting the international community rise in recent months, according to a Kaspersky Lab report into spam and phishing trends. Widespread media coverage has increased international interest in the plight of Syrian citizens, and this has led Nigerian scammers to jump on the bandwagon and exploit the kindness of strangers looking to help those affected by events in the Middle East. Most emails claim to be from Syrian citizens seeking asylum in Europe and request assistance in investing large sums of money. Many purport to be from women whose…