Researchers from Proofpoint have detected a campaign of millions of messages directed at organizations in the US and UK. The campaign employs a straightforward voice message lure with a LNK attachment – an unusual but not unheard of method of malware delivery. The use of LNK files to deliver malware in phishing emails is unusual but not unheard of [1], and this campaign caught the eye of at least one other security researcher [2]. In some versions of Windows the “wav.lnk” file was represented with a Windows audio file (WAV) icon, while in others a generic file icon was displayed.…
Author: ISBuzz Team
Leading UK and US penetration testing certification bodies join forces in global drive to professionalise cyber security sector CREST, the UK-based, not-for-profit accreditation body that represents the technical information security industry, has announced a partnership with Offensive Security, one of the leading US cyber security training and certification bodies. The new transatlantic relationship reflects a new era for certifying cyber security professionals across the globe to drive up levels of technical expertise in the fight against increasingly sophisticated criminal and state-sponsored cyber attacks. Rowland Johnson, CREST International Development Executive, comments: “CREST already has a strong international presence including a Chapter…
Industry Luminary Phillip Dunkelberger Joins myPINpad’s Board myPINpad, the world’s first consumer authentication company set to deliver multi-channel and multi-factor authentication via the Cardholder PIN, is pleased to announce the appointment of Phillip Dunkelberger to its Board, effective immediately. Phillip is an IT industry luminary with more than 30 years’ experience. He is best known for his role as co-founder and CEO of PGP Corporation, the leader in the Enterprise Data Protection market, until it was acquired by Symantec in 2010. In 2013 Phil became CEO of Nok Nok Labs, a founding member of The FIDO (“Fast Identity Online”) Alliance, an industry consortium…
Criminals spying on high-value targets in Ukraine, Russia and Belarus, and their encrypted data. ESET, a global leader in IT security for more than two decades, presents Operation Potao Express, an extensive analysis of the cyberespionage group behind the Win32/Potao malware family. Win32/Potao is an example of espionage malware. It has been detected mostly in Ukraine and a number of other CIS countries, including Russia, Georgia and Belarus. The Potao family is a typical cyberespionage trojan that steals passwords and sensitive information in order to offer them to the attackers’ remote server. Similar to BlackEnergy, Potao was used to spy on…
In August 2014, the US-based Institute of Internal Auditors Research Foundation published (together with ISACA at their 2014 GRC joint conference) a research report focused on what the Board of Directors needs to ask in relation to Cyber Security. As we approach the 2015 GRC Conference – to be held in Phoenix, AZ on 17-19 August – J.C. Gaillard of Corix Partners offers his views on the 2014 report, and his own take on the key questions the Board of Directors should consider around Cyber Security. Deconstructing the 2014 report At a high level, the 2014 report is still very relevant and…
Google is embarking on a countrywide roadshow this summer to inform and train the public on how to be safer and more secure online. On the back of new Google search insights that indicate Brits are increasingly concerned about how to control the security of their data online, the company is visiting five cities and over 30 schools over the next few months. Roadshow across five cities and over 30 schools kicks off in Leeds on 7 August. Google security experts to host free workshops and consultations over three months. Workshops follow release of new Google data that reveals over…
There’s no doubt that organisations of all sizes and across industries are drowning in big data, and the volume of information being collected will only continue to increase in the coming years. Hard drives, servers, file cabinets and storage facilities across the UK are at capacity. What most people don’t know, however, is that massive amounts of data are also leading to cluttered archives and inefficient strategies that keep organisations from mining insights that could otherwise improve business outcomes. What is data archiving and why is it important? Not to be confused with data backup, point in time copies of…
News has broken that United Airlines have been breached by the group of China-backed hackers believed to have been behind the Anthem breach. They detected the attack in May or early June, and among the data stolen are manifests including information on their flights’ passengers and their destinations. Experts from Tripwire, STEALTHbits, Securonix, Proficio, and Secure Channels commented on the breach of United Airlines by the hackers. Tim Erlin, Director of Security and Product Management at Tripwire: “If investigators are accurate in attributing these attacks to the same group, they have amassed a vast database of information that could be used for multiple purposes, from…
Speakers – Black Hat USA 2015 Several members of NCC Group’s expert research team have had talks accepted at Black Hat USA 2015. Briefings Andy Davis, research director at NCC Group Andy Davis has worked in the information security industry for more than 20 years, performing a range of security functions throughout his career. Recently, Andy has been leading security research and has also been developing new techniques for software vulnerability discovery. Talk title: Broadcasting Your Attack: Security Testing DAB Radio in Cars Daniel Mayer, senior consultant at NCC Group, formerly Matasano Security Daniel is an expert on iOS application security and developed…
Delivers industry’s first visibility solution that includes stateful SSL decryption to improve application performance and security forensics Ixia (Nasdaq: XXIA), a leading provider of application performance and security resilience solutions, announced it has extended its Application and Threat Intelligence (ATI) Processor™ to include stateful, bi-directional SSL decryption capability for application monitoring and security analytics tools. Stateful SSL decryption provides complete session information to better understand the transaction as opposed to stateless decryption that only provides the data packets. As the sole visibility company providing stateful SSL decryption for these tools, Ixia’s Visibility Architecture™ solution is more critical than ever for enterprise…