InfoArmor is reporting that hackers are selling digital certificates that allow code signing of malicious instructions and making a whole business out of it. Travis Smith, senior security research engineer for Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Travis Smith, Senior Security Research Engineer for Tripwire : “Code signing provides the assurance to users and the operating system that the software is from a legitimate source. Both obtaining and correctly applying the certificates to legitimate software is expensive and complex. Many protection mechanisms, rightfully so, check for the digital certificate. However, it’s possible that additional security measures stop investigating…
ISBuzz Team
Security researchers from Botfrei have published findings of a new version of the Chimera Ransomware that is currently targeting German SMBs. According to their report, and in a twist to previous ransomware campaigns, Chimera warns those unlucky to encrypt their files that, if they don’t pay, their data will be published online. Troy Gill, manager of security research at AppRiver, have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Troy Gill, Manager of Security Research at AppRiver : “While this specific threat is a new addition to the crypto ransomware malware family, it is in perfect keeping with typical malware attacks. Making threats…
Distributed denial of service (DDoS) attacks are a constantly evolving menace that threaten online businesses with downed websites, financial losses and damaged client relationships. As perpetrators continue to adopt new technologies and methods to execute attacks, the need for organizations to stay informed and up-to-date with the latest trends in online security has never been greater. Our latest DDoS Threat Landscape report reviews the changes in DDoS attack patterns in Q3 2015. The report was compiled using data from 7,752 network and application layer assaults mitigated by Imperva Incapsula in Q3 2015. The third quarter was notable for a number…
With the announcement of the details of the new Investigatory Powers Bill, Security experts from Pryvate and techUK have the following comments on this critical topic. [su_note note_color=”#ffffcc” text_color=”#00000″]Antony Walker, Deputy CEO of techUK : “This draft bill requires very careful scrutiny. On first impressions it looks like a step in the right direction to creating what is required here – a world leading legal framework that balances the security needs with democratic values. Parliament must now judge whether the powers government is seeking such as internet connection records, equipment interference and bulk collection are necessary and proportionate and whether the safeguards being proposed…
An MS-ISAC Cyber Security Advisory issued on September 18 states that multiple vulnerabilities in Apple products could allow remote code execution: “Multiple vulnerabilities have been discovered in Apple iOS and iTunes…These vulnerabilities can be exploited if a user visits or is redirected to a specially crafted webpage or opens a specially crafted file, including an email attachment.” It further states, “Successful exploitation could result in an attacker gaining the same privileges as the logged on user, remote code execution within the context of the application, and the ability to bypass the security systems. While some of these have been known…
Cable giant Comcast announced that 200,000 of its customers will have to reset their login information after a suspected security breach, although the company denies it was hacked. A post on the dark web claimed to sell a package of 590,000 Comcast user emails and passwords for $1,000. Brian Spector, CEO of CertiVox explains about comcast resets nearly200000 passwords after customer list goes on sale. [su_note note_color=”#ffffcc” text_color=”#00000″]Brian Spector, CEO of Certivox : If there wasn’t a breach then what happened? “The company can’t deny it was hacked with certainty if legitimate login details are available for sale on the…
In November’s patch Tuesday, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important. MS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. Here is what security experts from Tripwire have to say…
Cybersecurity experts from Lieberman Software and Tripwire are commenting on news of a data breach involving prison phone records maintained by Securus data storage system. [su_note note_color=”#ffffcc” text_color=”#00000″]Jonathan Sander, VP of Product Strategy at Lieberman Software : “People are saying the massive breach of Securus prisoner phone call data breaks the promise Securus made about a superior security platform, but looking at what’s happened and what they promised that doesn’t seem to be the case. Securus promised that only authorized users of their platform, which records and catalogs millions of phone calls made to and from prison inmates, would be…
Cloud-based vulnerability management solutions have the advantage of being up and running quickly and are often more cost effective than in-house solutions. Here is a round-up of five of the best : Dell SecureWorks : Offering a wide range of managed IT security services, Dell SecureWorks is ideal for companies of any size that need a high level of scaleable security. It can provide protection across the network, safeguarding data, remote users, customers and critical internal assets. The Dell SecureWorks offering includes a raft of options depending on the customer’s needs ranging from managed and 24/7 monitoring of intrusion prevention…
Survey reveals unmanaged credentials are the biggest security issue for organisations and IT professionals are unrealistic about time it takes to identify threats A new survey from Lieberman Software Corporation has revealed that 83 percent of IT professionals do not believe advanced persistent threats are over-hyped, however they are still very naïve about the length of time it would take to identify an advanced persistent threat on their own corporate network. The study was carried out at Black Hat Conference 2015 and looked at the attitudes of nearly 150 IT security professionals. It revealed that 10 percent of IT professionals believe it would take…