The FBI has issued a warning about hackers employing a phishing campaign using a recently patched Flash vulnerability. Federal Agencies have been a primary target. Internet Explorer for Windows 7, Firefox and Windows XP users are all at risk. Tim Erlin, Director of IT Security and Risk Strategy at Tripwire says hackers will take advantage of the Flash vulnerability because they know it takes organizations awhile to apply the patch. This would normally be a run of the mill phishing attack, but Ken Westin, Security Analyst for Tripwire says it is a perfect storm that could lead to a system…
Author: ISBuzz Team
In Conjunction with Black Hat USA 2015, Top International Security Provider Teams With Silent Signal on Hacker Challenge, Offers Prizes Such as a Ticket to BlackHat Europe 2015, MacBook Air, Lego Mindstorms BalaBit, an IT security innovator specializing in advanced user monitoring technologies and Silent Signal, a leading technology provider of state of the art ethical hacking services, has just launched the eCSI Hacker Playground. The hacker challenge is an online competition open to participants worldwide. It is specially designed for the Black Hat USA 2015 conference in Las Vegas where BalaBit will feature the competition (booth #566). The competition starts at 12:00 am…
Niara’s Certification on Cloudera Enterprise Ensures Cloudera Customers Can Extract the Most Value From Their Security Data Niara, provider of big data security analytics for advanced threat discovery and investigation, today announced a new partnership with Cloudera, the most widely adopted big data platform in the world. The recently unveiled Niara Security Intelligence solution has been tested and validated to work with Cloudera Enterprise, the leading data management platform built on Apache Hadoop. Niara Security Intelligence is now included in the Cloudera Certified Technology Program, providing customers with confidence that the joint solution has been tested and validated. “All the obvious threats are caught…
Is it safe to use webmail on work computers? Security Experts from Proficio and STEALTHbits commented on the DHS Using Webmail on Work Computers. Brian Vecci, VP of Product Management, STEALTHbits : “Third party email use has traditionally been disallowed for a simple reason: any system that’s not under the control of the organization is a risk. When someone sends an email using Gmail or yahoo, that information isn’t monitored by the organization, bypassing the policies and controls used to protect information. Just because Gmail itself hasn’t been hacked doesn’t mean that information is protected, since any individual user could have…
Aspen Institute, Intel Security Critical Infrastructure Survey Shows 86% of Respondents Want More Public-Private Cooperation; Of Those who Experienced Cyberattacks, 59% Reported Physical Damage Information technology (IT) executives within critical infrastructure organisations see a need for public-private threat intelligence sharing partnerships (86% of respondents) to keep pace with escalating cybersecurity threats, according to a survey released today by The Aspen Institute and Intel Security. A majority (76%) of survey respondents also indicated they believe a national defence force should respond when a cyber attack damages a critical infastructure company within national borders. Additionally, although most respondents agree that threats to…
Data security issues and security breaches within businesses are now a regular occurrence. Everyday it seems that we are hearing about a new cyber attack or security flaw and just recently it was announced by CEBR and Veracode[i] that cyber attacks are costing British businesses £34bn a year. A recent report from PWC[ii] found that nearly 9 out of 10 large UK organisations have suffered some form of security breach in the past year. This is made worse by the fact that nearly one third of organisations[iii] haven’t conducted any form of security risk assessment, leaving businesses vulnerable to both…
F-Secure security researchers recommend businesses migrate away from Adobe’s Flash plug-in following a recent surge in Flash-based exploits. F-Secure Labs has discovered a recent surge in the number of exploits targeting Adobe’s Flash plug-in. Given the consistent use of Flash vulnerabilities in crimeware, F-Secure is adding their voice to other security researchers, suggesting that Adobe and other companies reconsider using the popular plug-in. Flash’s vulnerabilities were thrust into the limelight, after a zero-day exploit used by the Italy-based surveillance company Hacking Team was stolen in a recent attack, resulting in its proliferation in exploits kits used by criminals. According to…
A ready-to-deploy semantic intelligent system to speed search and content analysis for precise knowledge and representation of financial domains Expert System (EXSY.MI), the leader in multilingual semantic intelligence technology for the effective management of unstructured information, announced Cogito API Finance, the first, ready-to-deploy and fully configured solution specifically designed to help financial industry developers and IT professionals speed their search and content analysis application deployments, avoiding months of engineering and design time. Combining the richest taxonomy and ontologies for the finance sector with the performance of a solid and proven semantic engine, Cogito API Finance improves the ability to effectively and accurately manage massive amounts of relevant data and…
Lighter wallets are one of the main culprits behind travelers’ ongoing search for the best deals when booking vacations online. While you may be tempted to save an extra penny, chasing offers that seem too good to be true places personally identifyable information at risk of being comprised by scammers. Despite the fact many consumers share similar online safety concerns; a recent study from Lavasoft revealed that those booking travel online continue to place higher priority on working within a limited budget than their online security. Of the more than 500 consumers surveyed regarding their experiences with common summer travel…
Recently, a new set of OpenSSL vulnerabilities was announced and a new set of patches were released. Naturally, visions of the dreaded Heartbleed bug sprang to mind — though the fresh flaw was not quite so fatal as that. But if our secure sockets layers suddenly aren’t so secure, what are we to do? At such times, it’s important to put the entire concept of data security into perspective. We know that the majority of external breaches are enabled due to issues that all organizations have control over; for example, lack of visibility into (or failure to resolve) misconfigured or…