The Nexus of Forces has introduced a Nexus of Danger, and security pros must face it head on through security automation. Large enterprises have a lot of systems to secure. Some are legacy ancients operating on long-forgotten and undocumented magic. Others are merely middle aged, quietly thumping along and getting the job done with patches on top of their patches. Still others are brand-spanking new, bleeding-edge cloud and application platforms that carry the promise of doing things that may not have even been invented yet. And now, enterprise security practitioners are freshly challenged with a new confluence of technologies —…
ISBuzz Team
News has broken that Mumsnet has reset its users’ passwords after a series of attacks, one of which involved armed police being called out to the London home of the parenting site’s co-founder. Hacker gained access to the site’s administrative functions and hijacked some accounts. There had also been an attempt to force Mumsnet offline by swamping it with internet traffic, in a distributed denial of service (DDoS) attack. Security experts from ESET, Imperva and Proofpoint have the following comments. [su_note note_color=”#ffffcc” text_color=”#00000″]Igal Zeifman, Senior Digital Strategist at Imperva : “According to news reports the attack peaked at 17,000 requests…
We have all come across scenarios throughout our lives where we have something we know we should be doing but decide it’s not quite a pressing issue- that is until it goes wrong, horribly wrong and we end up wishing we’d done something sooner. This is true for many things; from a car with a slow puncture, a tooth with a wobbly filling or the age old classic of leaving an assignment until the day it’s due. These things don’t NEED to be done immediately, that is until the tyre blows out, the filling comes loose or the assignment becomes…
The Bitdefender hack On July 24th 2015, Detoxransome tried to blackmail Bitdefender in exchange of a portion of their customer base. He threatened the company to leak the data he stole if he doesn’t receive the payment he requested. On Aug, 1st 2015, he gave some details around the reasons why he hacked Bitdefender on a post on Reddit. He was upset because no one paid attention to him after he allegedly hacked Louis Vuitton. Thus, he decided to hack a bigger fish. What Detoxransome was up to before July 24th, 2015 We retraced his criminal forum activity back to…
Password-Based Authentication No Longer Capable of Meeting Modern Security Demands LaunchKey, the leading mobile authentication platform, released findings from a recent survey which found that password-based authentication is no longer capable of meeting the demands of modern information security. According to survey data, an overwhelming 84% of respondents would support eliminating passwords all together. Additionally, more than three-fourths of those surveyed (76%) feel their data would be more secure with an alternative form of verification, with 59% preferring fingerprint scans over passwords. Nearly half of the survey respondents (46%) said they currently have more than 10 passwords to manage, and…
The U.S. Internal Revenue Service (IRS) has reported that the hack into its computer databases, was much more extensive than first thought. The IRS said tax return information of about 114,000 U.S. taxpayers had been illegally accessed by cyber criminals over the preceding four months, with another 111,000 unsuccessful attempts made. A new review has identified 220,000 additional incidents where data was breached, the tax collection agency said. It identified another 170,000 suspected failed attempts by third parties to gain access to taxpayer data. Former FBI cyber agent and security experts from tripwire and lancope commented on IRS breach. [su_note…
In order to make it even easier for you to detect whether your Android device is vulnerable or not, we have launched an app that you can download directly from Google Play. Black Hat and DEF CON, security researcher Joshua Drake published his findings about a vulnerability in the heart of Android that could allow attackers to steal information from Android devices through remotely executed code via a maliciously crafted MMS. According to the Zimperium zLabs researcher, up to 950 million devices could be vulnerable. Since this was dubbed one of the biggest vulnerabilities ever, we’re summing up a quick FAQ…
StratoKey Offers Best-In-Class Encryption, User Behavioral Analysis and Countermeasures All in One Central Solution StratoKey announced it is expanding operations of its intelligent cloud data protection solution to the United States. The company is expanding to Austin, Texas to bring its cloud data protection solution to the U.S. market. Founded in 2012 in Australia, StratoKey provides organizations with the tools necessary to conduct secure and compliant business in the cloud. With best-in-class encryption, user behavioral analysis and countermeasures that help thwart data breaches, StratoKey expertly performs the tasks of cloud data protection in one central solution. “At StratoKey, we have…
With the first six months of 2015 behind us and unsolicited email volume data for the first half of the year available, Proofpoint is releasing its mid-year threat report which analyses what the threats of 2015 to-date can tell us about the evolving threat landscape. Reviewing the first six months of 2015, the main trends that emerge are: The EU sends out the most unsolicited mail As in 2014, the volume from each country as a percentage of total unsolicited email was relatively constant, with the EU consistently accounting for around 15% of total unsolicited email, and the others accounting…
Profiles show mix of graduates, professionals and cyber-enthusiasts amongst UK’s top cyber talent Students keen to hear from employers looking to bring world-class cyber expertise on board The SANS Institute, the world’s largest and most trusted source of information security training, has announced the profiles of its final 32 Cyber Academy students – a mix of recent graduates, cyber enthusiasts, military-leavers and professionals – who are preparing to undertake an intense eight weeks of cyber training at the first ever SANS Cyber Academy. The inaugural Academy cohort is made up of seven recent graduates, 21 people who have begun working…