In response to the news that cyber-thieves are stealing millions of pounds using a scam based around faking email messages from company bosses where finance staff are asked to rush through a payment to a supplier, Gary Steele, CEO of Proofpoint have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Gary Steele, CEO of Proofpoint : “Strategies of attacks continually change as cyber criminals are always looking for the easiest way in to organizations, however the one tactic that is constant with today’s cyber criminals is email. Email is the #1 threat vector for organizations because all it takes is one click…
ISBuzz Team
In light of the news of Canonical’s Ubuntu phone vulnerabilities Tod Beardsley, security engineering manager, at Rapid7 have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Tod Beardsley, Security Engineering Manager, at Rapid7 : “The install base of Canonical’s Ubuntu phone is tiny compared to Android and iOS, so it is unsurprising that there are few, if any, independent security researchers studying the security models in use. I do think that this story is ultimately positive for Canonical: even though only 15 (total) devices were affected, Canonical spun out a fix within hours of learning of the bug. Vulnerabilities are routinely reported against Android…
VMworld Europe Attendees Predict that the U.K. will Continue to Suffer More Data Breaches than any other European Country in 2016 Thycotic, a provider of smart and effective privileged account management solutions for global organizations, announced the results of a survey of over 100 VMworld Europe 2015 attendees conducted between October 5th and 15th in Barcelona, Spain. One of the key themes that emerged in Barcelona is that IT security has become a growing headache for organizations because modern IT infrastructure, increasingly virtualized, has not been “fundamentally architected for security.” Thycotic’s survey findings support that assessment. In general, attendees feel that US companies still…
New study shows UK workers are significantly lacking in cyber awareness and could be leaving themselves at risk A new study has revealed that the majority of UK workers are not Cyber Savvy and have failed a Cyber IQ test, which was compiled by experts at internet security firm ESET. Study participants were asked a range of basic to intermediate questions around cybercrime and security awareness; however the majority of the questions were answered incorrectly. For instance, when respondents were asked if it is true that cyber criminals attack mobile devices in the same way they attack laptops and PCs,…
Non-executive directors leaders should take heed from recent data breaches Boards must become fluent in the language of cyber security to improve the way their companies deal with threats, says APMG International. When it comes to cyber security, when does ignorance become negligence? The Companies Act 2006 states that directors have a legal responsibility to act within their powers and promote the success of their companies, and to exercise independent judgement, reasonable care, skills and diligence. As the severity and frequency of data breaches has increased, cyber security has become an integral part of reasonable care of a company. It…
Hidden Data Economy report exposes price points for stolen data bought and sold in cybercriminal marketplaces News highlights : Average estimated price for stolen credit and debit cards: $5 to $30 in the United States; $20 to $35 in the United Kingdom; $20 to $40 in Canada; $21 to $40 in Australia; and $25 to $45 in the European Union. Bank login credentials for a $2,200 balance bank account selling for $190. Bank login credentials plus stealth funds transfers to U.S. banks priced from $500 for a $6,000 account balance, to $1,200 for a $20,000 account balance. Bank login credentials…
Baroness Shields, a former Facebook executive and technology advisor to the current government made some interesting comments about the rise of end-to-end encryption solutions, and confirming the government had ruled out making app-makers include “back doors” into their software. Jonathan Parker-Bray, CEO of Criptyque makers of Pryvate, a government grade end-to-end encrypted communications solution. Jonathan Parker-Bray, CEO, Criptyque, creator of the newly launched Pryvate, secure communications solution said : We welcome the comments from Baroness Shields and would like to join her in recognising the essential role that strong encryption plays in protection people’s details. However, we disagree with the…
Telecoms provider Vodafone has reported that nearly 2,000 of its customers have had their details accessed. According to Vodafone, the incident happened between Wednesday and Thursday last week. Reportedly, 1,827 customers have had their accounts accessed, with criminals potentially accessing customers’ names, their mobile phone numbers, bank sort codes and the last four digits of their bank account numbers. The BBC reported that the details criminals used to try and access Vodafone accounts were allegedly bought on the ‘dark web’. Brian Spector, CEO of Certivox the Cryptography company explains : Insight into what happened? “There is limited information currently available.…
Researchers have discovered that Chinese sponsored government hackers have tried to penetrate at least 7 US companies since a pact was signed by the US and China agreeing to stop state sponsored hacking. Tim Erlin, director of IT security and risk Strategy at Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire : “Accurately attributing attacks is more of art than science. Adding a motivation criterion to the attribution requirements increases the complexity of actually coming to a firm conclusion. The increasingly interconnected nature of commerce and government blurs the line…
A group of Russian hackers have reportedly infiltrated the servers of Dow Jones & Co. Inc., owner of the Wall Street Journal and several other news publications, and stole information to trade on before it became public, according to four people familiar with the matter. The breach is described as far more serious than a lower-grade intrusion disclosed a week ago by Dow Jones, a unit of Rupert Murdoch’s News Corp. Ken Westin, senior security analyst at Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Ken Westin, Security Analyst for Tripwire : “Over the past few years there has been…