High-Tech Bridge, a leading provider of web application security via its award-winning solution ImmuniWeb®, is pleased to announce a free online service designed to check SSL/TLS security of a web server. The service has received valuable technical input from reputable organizations worldwide including the Online Trust Alliance (OTA) and ITU. The Secure Socket Layer, commonly known as SSL and currently being replaced by more secure TLS (Transport Layer Security), is one of the main pillars of modern Internet security, assuring confidentiality and data integrity of data of millions of users every minute. Many security standards, such as PCI DSS, pay…
Author: ISBuzz Team
Ashley Madison is just the latest in a long line of high profile organisations to suffer a high profile breach at the hands of hackers. While today’s data breach may differ in terms of attack type and origin, they all produce the same result – significant data loss. Data is the lifeblood of most modern companies and the long-term negative impact on those who suffer breaches demonstrates just how serious the issue of data loss has become today. But as hackers continue to get smarter and more persistent, what can companies do to protect their information? Below are five recommendations…
Lastline Detonator leverages existing deployments, such as Tripwire and Bit9 + Carbon Black, to make advanced malware protection as easy as “flipping a switch.” Advanced malware protection provider Lastline announced Lastline Detonator, a new solution to protect the full enterprise — including mobile, remote and SoHo users — from sophisticated malware and targeted attacks. Lastline Detonator analyzes potentially malicious files gathered from popular existing endpoint agents and network devices, enabling IT professionals to extend advanced protection to the entire organization easily, economically and within minutes. “By leveraging the existing agents thousands of Tripwire customers have already deployed, Lastline Detonator can…
to make organisations more Security Serious this Halloween With Security Serious just a week away, the organisations involved with the campaign – aimed at making UK Plc a safer place to trade online – have today offered some Hacking Horror Stories and Frightening Facts to help organisations unmask the virtual spooks this Halloween. “2015 has seen an unprecedented number of hacking horror stories. Yet, while cyber-crime is on the increase, security awareness is still low on people’s list of priorities. We’re hoping our campaign will address this imbalance,” explains Yvonne Eskenzi, the driving force behind Security Serious – a week…
A new malware dubbed “Moker” has been discovered. The malware is said to be unique since it bypasses and disables security measures, achieves system privileges, can be controlled without requiring internet connectivity, and takes great measures in order to bypass posthumous research once detected. The malware was spotted as an Advanced Persistent Threat (APT) that exhibits Remote Access Trojan (RAT) capabilities. Security experts from Proofpoint, Imperva, and Lieberman Software explain how difficult this would be to deal with, what can be done and what is unique about it. [su_note note_color=”#ffffcc” text_color=”#00000″]Kevin Epstein, VP Advanced Security and Governance at Proofpoint : Remote access tools…
Telco Systems launched a new cyber-security solution NFV CyberGuard. The solution is designed to help telecom service providers to protect against potential security vulnerabilities resulting from deploying new SDN (Software Defined Networks) and NFV (Network Function Virtualization) technologies and infrastructures. SDN and NFV technologies allow service providers to transform their existing infrastructure into more IT aware and versatile. With the help of SDN and NFV, they can go beyond being mere connectivity providers, and start offering more value added services to their customers. Adding new capabilities to their networks becomes faster and cheaper over SDN and NFV, allowing service providers…
Ninety-One Percent of Health Care Workers Believe Their Organizations are Cybercrime Targets Trustwave® released the 2015 Security Health Check Report—based on a survey of 398 full-time health care professionals—that quantifies the security snags and shortcomings facing the health care industry. According to the study, 91 percent of technical respondents believe criminals are increasingly targeting health care organizations; however, only 10 percent or less of their IT budget goes toward cybersecurity and protecting their patients’ highly sensitive information. The size of the global electronic healthcare record (eHR) system will grow at an annual rate of 5.5 percent and reach $22.3 billion…
The cybercriminal group tied to numerous payment card breaches including Goodwill and best known by its so-called “RawPOS” malware employed legitimate user credentials to access its targets’ networks. No 0days. No spearphishing. Tim Erlin, director of security and product management at Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire : “Using legitimate credentials is a good way to avoid getting caught. When these third-party providers are breached, it’s not their names that end up in the headlines, but the major brands affected instead. Point-of-sale system security is a challenge…
Reports earlier this week from the National Crime Agency has placed a spotlight on the seriousness of cyber attacks, with criminals working around the clock devising increasingly complex ways to steal banking credentials. Appriver has uncovered a phishing scam, purporting to be from American Express, currently circulating trying to do just this. While phishing campaigns of this nature circulate all the time, what makes this one different is the effort put in to making the site convincing. At the time of writing, this campaign continues to circulate. “Phishing sites come in a wide range when it comes to how convincing they…
Ten of the UK’s best code-breakers are competing to make the UK European cyber security champions Team players are aged 15-29 and include students at schools, colleges and universities as well as industry newcomers The team is being coached and mentored by Cyber Security Challenge UK, IRM and Raytheon The competition is taking place in Switzerland from 19-23 October UK European Cyber Security Challenge senior and junior teams Ten of the UK’s best codebreakers are representing Britain in the first European Cyber Security Challenge this week in Switzerland. The young hopefuls are battling it out in a series of cyber…