Adopting a big business ethos can significantly reduce avoidable data losses
New research has revealed that human error is still the leading cause of data loss for organisations in the UK. The findings come as part of Databarracks’ Data Health Check report, a survey of over 400 IT decision makers. The report, published last week, revealed that 24 per cent of organisations admitted to a data loss caused by employee accidents in the last 12 months. Other high-scoring causes of data loss included hardware failure (21 per cent) and data corruption (19 per cent). Oscar Arean, technical operations manager at Databarracks, elaborated…
Author: ISBuzz Team
Grant Thornton global survey finds that one in six businesses have experienced a cyber attack in past year
New research from Grant Thornton International Ltd reveals that cyber attacks are taking a serious toll on business, with the total cost of attacks globally estimated to be more than £200bn (US$315bn*) over the past 12 months. The UK government has classified cyber security as one of the four top threats to the UK, alongside natural disasters, international terrorism and military invasion. The Grant Thornton International Business Report (IBR), a global survey of 2,500 business leaders in 35 economies, reveals that more…
ESET finds popular game titles such as Plants vs Zombies, Candy Crush or Super Hero Adventure are being used to deliver a backdoor Trojan directly onto Android devices via the official Google Play Store. ESET labs detected arcade games that install the Trojan as Android/TrojanDropper.Mapin and the Trojan itself as Android/Mapin. This malware is capable of taking control of the victim’s device and making it part of a botnet under the attacker’s control. Moreover, Android/Mapin has one addition that makes detection more complicated: a timer that delays the execution of the malicious payload so victims won’t suspect a game infected…
In response to a new piece of research from ESET which shows that cybercriminals are using popular arcade games such as Plants vs Zombies, Candy Crush or Super Hero Adventure to deliver backdoor Trojans directly onto victims’ devices, Craig Young, security researcher at Tripwire, has the following comments. Craig Young, Security Researcher at Tripwire: “The approach of infecting popular software packages is a long-standing tradition with malware authors stemming back to the earliest days of the Internet. Back then it was warez sites distributing pirated software and key generators laden with trojans and today it is taking…
A few days ago, a mainstream media channel asked the Damballa Threat Discovery Center our opinion about the newest and biggest cyber threats facing US business and law enforcement. We responded that the business of Zero Day exploits is on the rise. Zerodium, a Zero-Day buy and sell market launched by Vupen (a vulnerability and exploit broker), announced they would offer a $1 million bounty for any iOS 9 exploit or jailbreak. This follows their announcement last week about bounties they were in the market for, including mobile exploits, browsers, Flash and Microsoft Office. While security forums don’t have…
Over the weekend researchers found that hackers had infected an unauthorized and compromised version of Apple’s Developer Toolkit which developers used to create iPhone and iPad apps. This first-of-its-kind security breach prompted Apple to take down more than 3 dozen apps from its Apple store. Tripwire security experts commented on the supply chain impact of both the Apple hack and news of a breach of medical records on AWS. Ken Westin, Security Analyst for Tripwire: This particular attack is significant as it has a widespread impact, has successfully circumvented Apple’s code review process and…
Mark James, security expert at IT security provider ESET, commented on the news that the website belonging to the Kardashians has exposed the names and email addresses of more than half a million users. Mark James, Security Expert at IT Security Provider ESET: “This is what can happen when you take a massive, potential money making scenario and apply an urgency to get it off the ground without thoroughly looking into the security aspect of how you’re going to protect all the vulnerable people’s data you will collect. The Kardashians have a massive following, Kim alone…
ACI expands leading role within global, European and U.S. faster payments initiatives
ACI Worldwide (NASDAQ: ACIW), a leading global provider of electronic payment and banking solutions, announced its involvement in several key boards and councils around the globe all with a singular focus of driving industry standards for real-time and immediate payments. Immediate payments is a near-term initiative that banks must embrace strategically in this age of ongoing banking and payments disruption. ACI Universal Payments empowers these organizations with end-to-end enterprise payments capabilities, accelerating time to market, reducing risk, growing revenues and controlling costs.
European Faster Payment Initiatives
The Scheme Management Board (SMB)…
As the NHS uses a more diverse range of application suppliers, the organisation still needs to ensure that data protection standards are met. The recent news that many NHS-accredited smartphone healthcare applications are leaking data demonstrates that NHS England’s Health Apps Library isn’t approving software that meets public sector standard requirements. Simone Hume, Head of Public Sector at Cloud Services Provider Outsourcery comments: “The NHS is facing a critical challenge to save money and become more efficient at treating patients. Deploying innovative applications will be central to achieving this, but there is no room to cut corners by using app…
Earlier this year, researchers published analyses of a targeted attack known as Operation Arid Viper [1] (aka Desert Falcons [2], aka DHS) directed primarily at organizations in the Middle East. Delivering a backdoor and spyware, this campaign was designed to steal information from infected systems using a malware client capable of filtering out “uninteresting” files, and spread primarily via a targeted phishing email usually promising a pornographic video. The infection chain described in the initial analyses was fairly straightforward: To access the video content, the recipient had to open an attached RAR archive file – or less frequently, click a link…