Guillaume Ross, Senior Security Consultant, Strategic Services, Rapid7 commented on the latest news that more than 225,000 Apple accounts have been stolen by sophisticated malware that targets modified iOS devices, according to Palo Alto Networks. [su_note note_color=”#ffffcc” text_color=”#00000″]Guillaume Ross, Senior Security Consultant, Strategic Services, Rapid7 : “The KeyRaider iOS Malware discovered by WeipTech and researched in collaboration with Palo Alto Networks only affects jailbroken iOS devices. The malicious software was distributed on a specific repository for jailbroken iOS devices (Weiphone’s Cydia Repositories), and abused Cydia Substrate (formerly MobileSubstrate), a software package that is only used on jailbroken devices. KeyRaider uploaded information…
ISBuzz Team
Bryan Lillie, Chief Technical Officer, Cyber Security, QinetiQ commented on the Baby monitor hack. [su_note note_color=”#ffffcc” text_color=”#00000″]Bryan Lillie, Chief Technical Officer, Cyber Security, QinetiQ : “We are still a long way from makers of connected devices appreciating the security risks, let alone users appreciating them. Expect to see a lot more of these flaws exposed over the next couple years – hopefully by researchers rather than hackers.” Hijacking baby monitors is a particularly chilling invasion of our privacy, but cameras and microphones are everywhere and the implications are huge, from secretly recording private business video-conferences to controlling CCTV cameras in…
Report provides five-year threat retrospective, GPU malware assessment, and techniques for exfiltrating data from corporate networks; ransomware rises 127% from Q2 2014 to Q2 2015 Intel® Security today released its McAfee Labs Threats Report: August 2015, which includes a critique of graphics processing unit (GPU) malware claims, an investigation of the top cybercriminal exfiltration techniques, and a five-year retrospective on the evolution of the threat landscape since Intel Corporation’s announcement of the McAfee acquisition. McAfee Labs commemorates the five-year anniversary of the Intel-McAfee union by comparing what researchers thought would happen beginning in 2010 with what actually happened in the…
The volume and severity of threats is increasing every year, which means that it’s more important than ever to detect active infections swiftly. However, achieving this against the ever growing mountain of security alerts that teams now face is a significant challenge. Balancing the limitations of both staffing and budgets against the sheer volume of alerts that are received, means that there are often some tough choices to make when it comes to evaluating which security alerts should be investigated. In fact, findings from a recent report by the Ponemon Institute with organisations across EMEA suggests that IT teams are…
CryptoFlow Solutions Protect Any Enterprise Application for Any User on Any Device over Any Network Certes Networks, a leading innovator in software-defined security solutions to protect enterprise applications, today announced the company’s award-winning CryptoFlowÒ product suite supports Crypto-Segmentation, enabling end-to-end protection of sensitive enterprise applications both inside and outside the traditional enterprise perimeter. Certes CryptoFlows are the industry’s first software-defined security solution for safeguarding enterprise applications over any network for any user on any device. They enable “frictionless enterprise” deployments of networked applications to be rolled out without increasing risk while blocking the top attack vector used in hacking attacks…
Netwrix lists the most common compliance questions asked by auditors Many organisations still fail to provide answers to fairly simple questions asked by external IT auditors, according to Netwrix. Despite popular frameworks designed to help companies pass compliance audits, according to the 2015 Verizon PCI Compliance Report, around 80% of companies still failed to comply with all the requirements of PCI. “By treating validation tests as a tick-box exercise, companies often focus their efforts on creating an illusion of compliance rather than trying to actually fulfil the requirements,” says Michael Fimin, CEO and co-founder of Netwrix. “Such an approach does more…
News Highlights: Retailers can improve service and enhance security by enabling floor staff to access the information they need by simply tapping a smart card to their tablet. Healthcare organisations simplify electronic prescription signing and enterprise users have easier access to cloud applications as HID Global and Microsoft continue to collaborate on improving the security-enhanced experience across mobile devices. HID Global hosted a webinar on mobile authentication, mobile trends, and the results from a mobile study; the two companies will jointly host part two of the public webinar series later this year. HID Global®, a worldwide leader in secure identity…
How regular software patching checks can help a business stay breach free Software patching across an IT estate is a bit like taking a car for its annual service: you know you should do it, but it can often lead to unpleasant surprises, exposing a range of unexpected problems which need to be fixed. Not least because the complexity and interdependencies of software mean that fixing one problem may well introduce another, causing a knock-on effect across systems and the potential for downtime or loss of service. Yet with cyber-attacks a continuous threat to organisations, the work of maintaining systems…
It’s reported that the White House is drafting unprecedented sanctions specific to Chinese companies and individuals who have profited from the digital theft of U.S. trade secrets (although no decision is yet made on whether such sanctions will be issued), and that Russia and China are cross-indexing stolen information to target, recruit or blackmail operatives. VASCO and STEALTHbits commented that unprecedented economic sanctions against Chinese companies. [su_note note_color=”#ffffcc” text_color=”#00000″]John Gunn, VP of Communications, VASCO Data Security : “People need to keep their expectations extremely low because this issue is far bigger than cyber espionage. America’s addiction to cheap Chinese products combined with the…
Hundreds of store managers exchange confidential information with the help of Intralinks VIA to keep competitive advantage Intralinks® Holdings, Inc. (NYSE:IL), announces a new customer win; one of the leading French retail groups with 800 brands under its name, Système U. Système U will use Intralinks VIA® to secure confidential data shared between store managers, helping the organisation to maintain competitive advantage against rival retail groups. The company reviewed a number of vendors, including its incumbent system, and decided that Intralinks VIA was the best solution to help ensure the security of its confidential information. Prior to the deployment of…