The Human Factor 2015 Close-up: What are users clicking on When we published The Human Factor for 2015 in April we provided an overview of the findings, which could be summarized as a shift by cybercriminals to targeting business users. This change occurred very rapidly over the latter half of 2014, and was visible in every aspect of the unsolicited email campaigns attackers launched, from the users they targeted and the times they sent the messages to the delivery techniques. One area where the rapid change in tactics was particularly apparent was the message templates attackers used in 2014, and…
Author: ISBuzz Team
ESET offers the first analysis of the latest cyber-espionage threat from the group responsible for Babar and Bunny ESET®, a global pioneer in IT security for more than two decades, has today published an in-depth research article entitled ‘Dino – the latest spying malware from an allegedly French espionage group analysed’. ESET research found further evidence to suggest that this technically complex backdoor Trojan used for espionage purposes was coded by French speakers. Created by the notorious Animal Farm espionage group – the team behind the sophisticated malicious attacks Casper, Bunny and Babar. “Dino is basically an elaborate backdoor Trojan,…
Cybersecurity experts from Tripwire, Proficio and Securonix commented on CIA-backed company Recorded Future’s report of stolen government log-ins all over the Web Visit HERE. Ken Westin, Senior Security Analyst, Tripwire (www.tripwire.com): “There are massive amounts of information available on the Internet from various data breaches, and these data allow attackers to easily identify and correlate a variety of personal information. Personal email addresses, social media accounts and other data may also be available as well as work email and login credentials from other breaches. Pastebin searches bring up a number of compromised accounts from recent breaches, but it’s likely these…
Mobile apps have been increasingly gaining ground in the communication industry. Enterprises are rapidly adopting innovative mobile applications to transform their business capabilities as the mobile presence is critical for businesses to attract, retain and communicate with customers; it has become an integral part at both work and in their personal lives. The newer mobile computing technologies are increasingly embraced by the consumers across the globe, and this exponential growth of mobile devices and business applications has attracted a large number of well-organized cyber criminals and independent hackers, who are seeking monetary benefits with highly competent modus operandi. Some Key…
The new .bank gTLD has launched today in the US and promises to offer better online security for banks and their customers. But with the roll out of 1,400 new gTLDs, Gunter Ollmann from NCC Group comments on whether this is the safest place on the internet for banks to be. Gunter Ollmann, CTO of NCC Group’s Domain Services division : “For .bank, the level of security provided is crucial. Consumers need to be absolutely certain that their personal and financial details are safe. Open generics aren’t good for businesses or customers alike unless security has been given the utmost…
INSIDE Secure’s FIPS Certified Cryptographic Module Validated on Trustonic’s Trusted Execution Environment (TEE) helps mobile payment, IoT and enterprise solution providers meet demands for applications, devices and network communications that comply with government standards INSIDE Secure (Euronext Paris:INSD), a leader in embedded security solutions for mobile and connected devices, announced availability of SafeZone FIPS cryptographic module version 1.1—the industry’s first FIPS certified cryptographic module validated on a Trusted Execution Environment (TEE). With the joint INSIDE Secure and Trustonic solution, payment, IoT, enterprise and other mobile solution providers can quickly and cost effectively meet market demands for government grade security without…
Cloud Security Open API Working Group to standardize key data security best practices for CASB deployments Recognised as the fastest-growing segment of cloud security, the cloud access security broker (CASB) space is still an emerging one where standards have yet to coalesce. To fill this gap, CipherCloud, the leader in cloud visibility and data protection, and the Cloud Security Alliance (CSA) are forming a Cloud Security Open API Working Group to jointly define protocols and best practices for implementing cloud data security as a part of the CASB framework. Deloitte, InfoSys, Intel Security, SAP and other technology leaders will also contribute. The Cloud Security Open API Working Group will…
Adobe Systems have released an emergency update to fix a dangerous security hole in its widely-installed Flash Player browser plugin. The company warned that the vulnerability is already being exploited in targeted attacks, and urged users to update the program as quickly as possible. Following this news, Mark James, Security Specialist at IT Security firm ESET and Amichai Shulman, CTO of Imperva explains why Adobe Flash is targeted so often and what users should do to protect themselves. Mark James, Security Specialist at IT Security, ESET: “Since Flash is such a widely used plugin, it stands to reason that it will…
Isla appliances work transparently with all modern browsers, securing local and remote users on all platforms, including Windows, OSX, Linux, Android, iOS, and Blackberry Spikes Security, the isolation security company, today introduced the Isla family of web malware isolation appliances, designed for all businesses that want complete protection against malware delivered through web browsers. Isla eliminates this significant attack vector by processing all web content on secure appliances deployed outside the network, where content remains in hardware-isolated VMs created for each user session. All web content – audio, video, text, and graphics – is then instantly and continuously transformed into…
Tripwire survey compares cybersecurity views of 400 energy executives and IT professionals Tripwire, Inc., a leading global provider of advanced threat, security and compliance solutions, today announced the results of a survey conducted by Dimensional Research. The survey examined the views of over 400 energy executives and IT professionals in the energy, oil, gas and utility industries on cybersecurity and compliance initiatives. Overall, energy security professionals were extremely confident in their ability to detect a cyberattack on critical systems, with 86 percent stating they could detect a breach in less than one week. The Tripwire survey found that 49 percent…