Following the comments made by MI5 Director General Andrew Parker that data encryption technology was creating a situation where police and intelligence agencies “can no longer obtain under proper legal warrant the communication of people they believe to be terrorists”. Dr Nithin Thomas, founder and CEO of cybersecurity firm SQR Systems, said “It is vital for organisations to have full control of their data to ensure user privacy without compromising their compliance to the legal system and assistance with investigations”. [su_note note_color=”#ffffcc” text_color=”#00000″]Dr Nithin Thomas, Founder and CEO of cybersecurity Firm SQR Systems : As pointed out by Andrew Parker,…
Author: ISBuzz Team
Research shows most security breaches are down to people inside the organisation. Workers say this needs to be addressed by HR policy and procedure as well as technology New research shows that most employees see information security as an HR issue and want companies to develop better HR policies and practices to help safeguard private company data. The research, by data loss prevention company Clearswift, gathered views from over 4,000 employees in the UK, USA, Germany and Australia. Over three quarters, 76%, of UK employees said there should be a disciplinary process for people who leak sensitive business information. Whilst…
Android has a major chink in its armor called the Stagefright Android Hack. In this hack, an innocuous looking video-embedded message that you receive on your Android device becomes the threat. Sent by an attacker, this MMS message can be used to gain access to your device and personal data. But there is a catch. You don’t even have to open the message and view the video to fall prey to it. Also, it is not necessary that the MMS is laced with a malicious code. It will appear and behave like a normal message but with a difference. Using…
Infoblox Introduces First Enterprise-Grade DDI solution with Identity Mapping Infoblox Inc. (NYSE:BLOX), the network control company, announced Infoblox Identity Mapping, which bridges the gap between network security and user identity by intelligently correlating two previously separate sets of data, making it easier for network administrators to locate the source of security events, track mobile devices, monitor network usage and more. Infoblox is the industry leader in enterprise-grade DNS, DHCP and IP address management, the category known as DDI. With Infoblox Identity Mapping (www.infoblox.com/identity-mapping), IP address tracked by Infoblox can be linked to user authentication events in Microsoft Active Directory logs…
F-Secure Labs links nearly a decade of state-sponsored cyberattacks to a group of hackers backed by Russia. A new report published by F-Secure Labs links a number of state-sponsored cyberattacks to a hacking group engaged in Russian intelligence gathering. The whitepaper provides an in-depth analysis of a hacking group called “The Dukes”, and outlines over seven years of its attacks against governments and related organisations in the United States, Europe and Asia. The report provides a detailed account of “The Dukes” – a group of attackers using a family of unique malware toolsets used to steal information by infiltrating computer…
Industry leader delivers add-on tools to improve workflow efficiency Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, announced a suite of new reporting and analytics applications for Tripwire® Enterprise, an industry-leading security and compliance management solution. Tripwire Apps allow users to improve workflow efficiency through integration with IT Service Management solutions. Current apps include: Tripwire Enterprise Integration Framework, Tripwire Enterprise Commander and Tripwire Event Sender. “We continue to look for new ways to expand the strategic value of Tripwire Enterprise for our customers,” said Jeff Simon, vice president of professional services for Tripwire. “We are actively…
The Internet can be a great place to hide. There are over 300 million domain names, over 4 billion IP addresses and many more nameservers, hostnames and email addresses within the infrastructure of DNS. Criminals make use of all of these resources to attack their targets, moving often and hiding in plain sight behind Whois privacy and shared hosting environments. Within this context, threat intelligence analysts and incident response professionals must make critical decisions about proper defenses or countermoves. They need reliable information quickly, and must arm themselves with the best tools and data in order to expose threat infrastructure…
The world’s biggest maker of routers is fighting a startlingly effective new cyber attack. Security researchers say they have uncovered clandestine attacks across three continents on the routers that direct traffic around the internet, potentially allowing suspected cyber spies to harvest vast amounts of data while going undetected. Lamar Bailey, vulnerability and exposures team leader at Tripwire commented on the routers under cyber attack. [su_note note_color=”#ffffcc” text_color=”#00000″]Lamar Bailey, Vulnerability and Exposures Team Leader at Tripwire : Routers are one of the Holy Grail targets for attackers because they lie outside of many normal security protections. It appears that attackers have…
A US Judge paves way for banks to sue Target over data breach. Security expert from Spikes Security and STEALTHbits commented on banks suing Target over massive data breach just got a huge boost in their case. [su_note note_color=”#ffffcc” text_color=”#00000″]Franklyn Jones, CMO, Spikes Security : “This is a tough one. I can sympathize with the banks that want reimbursement. But Target takes cyber security very seriously and likely invested in all the best-of-breed security solutions – which unfortunately failed to protect them. So maybe Target should file their own suit against those security vendors, and ask for reimbursement as well.”[/su_note] [su_note…
As the take up of cloud computing continues to increase, it’s fair to say that most with even a cursory association to IT have developed some kind of opinion on this revolutionary technology. While thousands of ardent fans sing its praises and strongly encourage its adoption, an equal number of critics tell tales of cloud catastrophe and urge caution to all who will listen. So which side is to be believed? And what are the real truths behind cloud computing? We take a look at some of the most persistent myths in order to debunk, demystify and educate. The Cloud…