The recent high profile cyber attack at Talk Talk highlights how breaches are becoming a fact of life for any organisation using the web for business. It’s the reason why many companies employ ethical hackers to test their cyber security and identify potential vulnerabilities that put confidential financial, security or customer data at risk. So, what does an ethical hacker do? And how does this differ from the nefarious activities of those individuals that break into computer systems and networks for gain – or to cause harm? Mark Amory, ethical hacking expert at QA have the following comments on it.…
ISBuzz Team
One of the most serious patches is one for a true remote code execution bug within the DNS implementation. Identified as MS15-127, Microsoft indicates that a crafted DNS request can trigger an exploitable use-after-free condition to achieve code execution in the context of the local system account. Although Microsoft has indicated that we are not likely to see reliable exploits being developed any time soon, it is imperative that administrators deploy this patch to affected servers as soon as possible,” explains Craig Young, Cybersecurity researcher for Tripwire. Craig, Tyler Reguly – a manager of security research and Lane Thames of…
It’s no surprise to anyone that Wi-Fi use continues to grow. However, what is hard to believe is that there are so few public Wi-Fi networks capable of serving our needs outside of the home securely—particularly when you consider that as of today, nearly everyone owns a smart phone, 91% use a laptop, and 80% have a tablet. The portability of these items reflects intent of use, which is, of course, mobility. But there is little point in being able to work remotely from a coffee shop, do banking from our phones while waiting at the airport, or make purchases from the…
Whether you’re the kind of guy who expertly navigates between his tablet, Apple Watch and computer throughout the day, or the kind of gal who simply manages everything from her smartphone, technology is a significant part of your life. And when you put your money toward buying new devices or upgrading ones you already own, you want that investment to be worthwhile. For some reason, though, many people forget that maintenance is an important part of caring for technology. The good news is this doesn’t mean you need to add daily tasks to your routine or spend a ton of…
Software Asset Management Critical to Cybersecurity Initiatives and Automation to Managing Agile Development Cycles in 2016 Vincent Smyth, General Manager & Senior VP EMEA for Flexera Software, offers his insights into what 2016 holds for businesses as they grapple with more complexity in maintaining and securing their software estate. Windows 10 – Agile Dev Will Break Fragile Ops: Windows 10 has gone agile. Microsoft is now making more, smaller updates of its operating system, allowing enterprises to roll out enhancements to employees on an ongoing basis. Flexera Software predicts that enterprises will need to automate processes in order to accommodate…
Experts working in Kaspersky Lab’s Computer Incidents Investigation Department (CIID) have spent the last three and a half years investigating more than 330 cybersecurity incidents affecting government and private-sector organisations. Their findings reveal that more than 95 per cent of these incidents used malicious software, often successfully, to steal funds. Details of this discovery and other key findings have now been compiled into a Kaspersky Lab report, “The Russian cybercrime underground: How it works.” The report estimates the damage caused to businesses by Russian-speaking cybercriminals who have been arrested in the last few years. It also includes an overview of…
Even with the increase of awareness and development of sophisticated technology used to counter these attacks, hackers still manage to find their way into confidential data. This continues to be possible, as hacking techniques develop just as quickly with the innovations in IT security. Cyber thieves get better and better at what they do, and the only way to beat them is to think one step ahead. So, it’s important to explore other options and not focus on preventing data loss and reducing risks of a data breach alone, considering that cybercriminals breach even the best security systems. As a…
ESET took part in a global operation to uncover malware affecting more than a million computers. The operation by law enforcement agencies around the globe led by the FBI, Interpol and Europol disrupted the Dorkbot infrastructure, including Command and Control servers in Asia, Europe, and North America. What’s more, the operation has led to the seizure of domains, thus disrupting the botnet operators’ capacity to control their victims’ computers. Jean-Ian Boutin, malware researcher at ESET have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Jean-Ian Boutin, Malware Researcher at ESET : “To make the internet safer and protect our users, we…
In response to a new piece of research from ESET which revealed that 138,000 mobile phones and laptops are left in bars across the UK each year and 64% of them do not have any security installed, Craig Young, senior security researcher at Tripwire have comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Craig Young, Security Researcher at Tripwire : “The first thing most people think of when considering the possibility of a lost or stolen smartphone is that it will be expensive to replace, but the fact of the matter is that in the wrong hands the data stored on many smartphones can…
More than 80 percent of mobile devices have encryption flaws, while an application written in any of a trio of scripting languages—including PHP, ColdFusion and Classic ASP—are more likely to have serious flaws. Craig Young, security researcher at Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Craig Young, Security Researcher at Tripwire : “SSL implementation flaws are incredibly prevalent in mobile apps and present grave risks due to the tendency of these devices to use untrusted wireless networks. I believe that a common source of this problem is that developers add logic to specifically disable certain SSL features (namely…