Microsoft ran out of the time imposed by HP’s Zero Day Initiative (ZDI) to fix four critical security vulnerabilities in the mobile edition of Internet Explorer. Cris Thomas, strategist of Tenable Network Security, commented on the IE zero-day vulnerability. Cris Thomas, Strategist of Tenable Network Security: “Unfortunately two of the big kids in our industry are having a little spat over vulnerability disclosure, again. As enterprises focus on getting business done we really have little time to obsess over whether or not companies are fixing vulnerabilities fast enough or are being irresponsible in disclosing them. There will always be 0-days. As…
Author: ISBuzz Team
NYSE technical glitch highlights concerns as to when an organisation should invoke its DR plans
Deciding whether to fail over to a secondary site or wait it out and fix the problem in-house still remains one of the toughest decisions businesses face during an outage. This is according to Oscar Arean, technical operations manager from disaster recovery service provider Databarracks. Recently, the New York Stock Exchange (NYSE) was forced to suspend trading for three hours following a major technical glitch. The decision to cease trading rather than fail over to its Chicago recovery centre is one that has created much debate. Arean…
Renowned ‘whistleblower’ to present his views LIVE via satellite to Andrew Neil, on the state and future of national cyber security
Renowned former NSA employee Edward Snowden will deliver a keynote speech this year at Europe’s number one IT event, IP EXPO Europe 2015, taking place at London’s ExCel. Joining the event live via satellite on Wednesday 7th October, Snowden will share his views on the implications of national cyber security today. Famous for his ‘whistleblowing’ against the NSA in 2013, which has since fuelled thousands of debates over mass surveillance, government secrecy and national security, Snowden will be interviewed live…
Attackers Fooled Google Spam Engine With Phishing Emails That Lured Victims to Google Drive-Hosted Malicious Web Pages Used to Steal Users’ Credentials
Elastica (www.elastica.net), the leader in Data Science Powered™ Cloud Application Security, released findings around a new Google Drive-based advanced phishing campaign initiated by unknown attackers. The attackers used JavaScript code obfuscation and compromised websites in order to steal end-user account credentials using Google services. According to Elastica researchers, the attackers deployed a JavaScript encoding mechanism to obfuscate Web page code so that it could not be easily read. Attackers were able to reach a wider network of end users by…
You may have seen news that a vulnerability has been discovered in Android software Stagefright, which lets attackers send malware directly to any device where they know the phone number. Chris Wysopal, CISO and CTO at Veracode, the application security specialists, commented on the news that a vulnerability has been discovered in Android software Stagefright. Chris Wysopal, CISO and CTO at Veracode: “This is Heartbleed for mobile – a remotely exploitable vulnerability that affects millions of Android-based phones and tablets. These are exceedingly rare and pose a serious security issue for users since they can be impacted without having…
New Lieberman Software survey reveals that despite companies employing more IT security staff than ever before, the hackers are still winning
Despite organisations employing more IT security personnel than they ever have in the past, a new survey from Lieberman Software Corporation reveals that a third of companies do not feel this is making them more secure because cyber attacks are evolving at too fast a pace for them to keep up with. The survey, which was carried out at RSA Conference 2015, studied the attitudes of nearly 200 IT security professionals and it revealed that 67 percent of organisations…
Background
The following intelligence report was generated using the Cytegic DyTA intelligence platform. The report represents the most interesting and noteworthy cyber-trends that were identified using DyTA.
Executive Summary
When analyzing the activity and behavior of Muslim and Arab-affiliated hackers (Hacktivists, NationStates, Sensationalists and Terrorists) before and during the month of Ramadan we came to realize several interesting trends and patterns:
During the period (the ninth month of the Islamic calendar), which started this year on the 17th of June, the “cyber activity” level of Muslim and Arab-affiliated attackers is low compared to the previous months
There is a significant drop…
India is the first region in which the Linux Foundation will offer country-specific pricing on select training and certification products
The Linux Foundation, the nonprofit organization dedicated to accelerating the growth of Linux and collaborative development, today announced the availability of country-specific pricing for its Essentials of System Administration course and Linux Foundation Certified System Administrator exam for individuals in India. Beginning today, individuals with an Indian-issued credit card and address can register for a course plus exam bundle for an introductory rate of 5,000 Indian rupees (US$79). Part of The Linux Foundation’s mission is to grow the…
Imperva Incapsula DDoS Protection received highest score in Current Offering category
Imperva Inc. (NYSE: IMPV), committed to protecting business-critical data and applications on-premises and in the cloud, announced that Forrester Research Inc. has rated the Imperva Incapsula DDoS Protection solution as a Leader in The Forrester Wave™: DDoS Services Providers, Q3 2015 report results. Imperva was also top ranked in the current offering category.[i] “Incapsula DDoS Protection has won numerous awards and we believe this recognition in the 2015 Forrester Wave™ DDoS Services Providers is another reflection of the comprehensiveness and effectiveness of our offering,” said Marc Gaffan, General Manager…
Authorities arrested four in Israel and Florida, and disclosed a securities fraud scheme tied to the JP Morgan Chase hack. Security experts from VASCO Data Security and STEALTHbits commented on the JP Morgan hack arrests. John Gunn, VP of Communications, VASCO Data Security: “Giving these low-level scammers credit for the JPMorgan compromise is analogous to saying that the small-time drug dealer on the corner is a leader of a Mexican drug cartel. If there is a connection, it’s that these guys simply purchased compromised email addresses, of which there are more than a billion available on the dark…