We’re halfway through National Cyber Security Awareness Month (NCSAM), and we’ve seen hundreds, if not thousands, of tips and tricks that users should follow to keep their data safe. The security of public WiFi connections has been a hot topic over the past few years, as more and more users are connecting to networks in their favorite coffee shops, retail stores, and even Mount Everest. It’s well documented that cyber criminals are using basic tactics to steal data — whether it’s setting up a private hotspot with a humorous name to entice users to join, or using sniffing tools to…
ISBuzz Team
A rash of hacking attacks on U.S. companies over the past two years has prompted insurers to massively increase cyber premiums for some companies, leaving firms that are perceived to be a high risk scrambling for cover. On top of rate hikes, insurers are raising deductibles and in some cases limiting the amount of coverage to $100 million, leaving many potentially exposed to big losses from hacks that can cost more than twice that. [su_note note_color=”#ffffcc” text_color=”#00000″]Ken Westin, Security Analyst for Tripwire : “Insurance is gambling with risk, and insurers need to ensure the house wins, they do this with…
Newly discovered Android malware dubbed Kemogeis capable of flooding infected devices with unwanted advertisements. The malware is seeded in what looks like legitimate apps that are being offered on third-party app stores, with users being tricked into installing the Kemoge-containing apps through advertisements. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire : “Android’s support for third party app stores is a double-edged sword. Users gain the benefits of a broad eco-system of app providers, but the cost can be very high when they download an infected app. Kemoge is unusual in that so far its objective…
A banking trojan, detected by ESET as Win32/Brolux.A, is targeting Japanese internet banking users and spreading through at least two vulnerabilities: a Flash vulnerability leaked in the Hacking Team hack and the so-called unicorn bug, a vulnerability in Internet Explorer discovered in late 2014. Both exploits are (still) distributed through an adult website and try to install a signed malicious binary designed to steal personal information from the victim. The spreading mechanism reminds us of another banking trojan specifically targeting Japanese financial institutions, Win32/Aibatook. Infection When a user visits the malicious adult website, he is exposed to an exploit targeting…
Many organizations are turning to a new mechanism to deliver customer care: social media. A preferred communication channel for many consumers, social media provides a low-cost model for the business to respond to inquiries. However, any time a communication link between a business and consumers appears, bad actors and criminals look for ways to take advantage of it. Social is no exception, and Proofpoint Nexgate researchers increasingly see hackers, scammers and pranksters use fraudulent customer care accounts to phish credentials, steal personally identifiable information (PII) and compromise brand reputations. Bank Account Credential Phishing One of the most significant attacks we…
Microsoft Azure customers worldwide have immediate access to award-winning data-centric information security solution Watchful Software, a leading provider of data-centric information security solutions, announced that its award-winning information security solution, RightsWATCH, is now available to be launched as a certified Microsoft Azure Marketplace Offering. Through the Microsoft Azure Bring Your Own License (BYOL) offering, RightsWATCH is immediately available to a worldwide audience in the Azure environment. In keeping with Microsoft’s cloud deployment and optimization strategy, Azure users now have immediate access to launch and implement one of the industry’s leading data-centric classification engines, while no longer requiring extra hardware expense and…
It’s finally here – the day that Marty McFly and Doc Brown will arrive in their time travelling DeLorean. Wearable technology, multi-channel television and the odd 1980’s Apple Macintosh in an antique shop will all come as no surprise. They might be a little disappointed, however, to discover that the future they have arrived in doesn’t possess all the cool tech like Fusion reactors, holographic projection and more importantly real hoverboards, that will enable them to avoid the unwanted attentions of characters like old Biff, Needles and Griff. However, in the place of this missing tech they’ll find the Internet,…
Applications Manager Visualises Application Interdependencies in Complex Environments; Adds Support for Lync 2013, BizTalk, Dynamics CRM Expedites application troubleshooting by pinpointing associated components Quickly estimates the service impact of downtimes or failures Download Applications Manager 12.4 ManageEngine, the real-time IT management company, announced the availability of runtime application discovery and dependency mapping in Applications Manager, its application performance monitoring solution. Now, enterprises can rapidly visualise and understand application relationships in complex, dynamic environments by drastically trimming down the time and effort required for accurately mapping multi-tier applications to their underlying infrastructure components. The company also announced Applications Manager now offers comprehensive…
When you give your personal information to a financial institution, government, or insurance company, you have a certain level of trust that they will do everything in their power to keep it safe. It’s easy to forget that at the same time you’re filling out paperwork online, in the dark world of cybercrime, hackers are doing everything in their power to get your information. Yes, your information. And yes, the UK’s National Crime Agency warning that cyber criminals are constantly coming up with new ways to hack victims is worrying, but its not the only weapon in the hackers arsenal.…
More than six months since The Register reported that Virgin Media had failed to move away from weak encryption software used on sensitive areas of its website – the ISP is yet to hit the upgrade button. Tim Erlin, director of security and product Management at Tripwire have the following comments on it. [su_note note_color=”#ffffcc” text_color=”#00000″]Tim Erlin, Director of Security and Product Management at Tripwire : “It’s in everyone’s best interest, except for cybercriminals, to use the strongest encryption feasible when communicating with a website. The problem lies in the fact that ‘strongest’ is ephemeral, and what passes muster today…