News Highlights: Industry’s first One-2-One visual security solution to easily and readily identify legitimacy of card holder. Enables universities, enterprises and state and county government agencies to create and issue personalized, secure IDs with higher levels of protection at a third of the price of current market solutions. Inspired by similar visual authentication technology that is used in today’s U.S. Green Card and has virtually eliminated mass counterfeit cards in programs. HID Global®, a worldwide leader in secure identity solutions, today announced the introduction of vanGO®, a visual security solution that enables universities, enterprises and state and county government agencies to…
ISBuzz Team
The UK’s SMEs are increasingly using Voice over Internet Protocol (VoIP) in order to cut call costs. Alongside cloud computing, VoIP is a key component in today’s flexible, low cost infrastructure that is supporting business agility and growth. Yet while businesses are increasingly confident to deploy these technologies, far too many are failing to understand the associated risks. The clue is in the name – Internet Protocol. VoIP is not just a new, lower cost telephone system; it using the Internet data connection to provide a voice service – and should be treated as such in terms of security and…
The U.S. Department of Justice recently released a manual with best practices for victims of cyberattacks. The guidelines are aimed at helping companies either avoid cyberattacks or minimize the damage to the organization and consumers should a cyberattack occur. These best practices come in the wake of close to one billion online records being compromised in 1,922 confirmed incidents throughout 2014, including high profile data breaches such as Home Depot, JPMorgan Chase, Michaels and Neiman Marcus. The compromised records consist of usernames, passwords, credit card numbers, Social Security numbers and more. Data breaches and other online security attacks show no signs…
Krebs points out the potential initial culprit in gaining credentials to access the CareFirst network and data may have been similar to the Doppelgänger attacks Proficio discussed in our April 23, 2015 blog on ‘Wire Transfer Scams on the Rise’. Wiki describes a Doppelgänger as ‘a double or evil twin… in some traditions (portrayed) as a harbinger of bad luck’. In the security community a Doppelgänger domain impersonating another domain name to trick or re-direct user’s to go to the site and enter private information or download malware. An example of a Doppelgänger for CareFirst[dot]com would be registered as CareFiirst[dot]com. As with…
Adult Friend Finder, a casual dating website, has called in police and investigators after a suspected leak of client information as many as 3.9 million of Adult Friend Finder’s 64 million members had been leaked, including personal details such as email addresses.Tripwire security experts on the AdultFriendFinder data breach: Ken Westin, senior security analyst for Tripwire (www.tripwire.com), said: “The Internet has essentially become a database of You. As more data is breached, this information can be sold in underground markets and can create a very vivid profile of an individual. When dating information is compromised it can be used to embarrass…
Foregenix, the information security specialists, have identified a worrying new trend of obfuscated code containing malware being placed (hidden) on merchant’s web sites. Designed to harvest payment card details, the malware takes an unusual approach to stealing the information. Foregenix are warning that this malware could be currently hiding in web sites without businesses even being aware of it; leaving them open to embarrassing and costly data breaches. Hackers are using a script which uses several layers of encoding (binary XOR and text based base64), compression and function lookup tables to protect or hide the internal workings of the malware.…
Two factor authentication through existing physical smart cards or on-device credentials protects multiple business-critical apps Cybersecurity expert Intercede today announced the launch of the MyID Authenticator for Good. This will enable Good Technology customers to replace insecure passwords with two factor authentication across business-critical apps on iOS and Android devices. MyID Authenticator for Good allows companies to use existing PIV, PIV-I, TWIC and CAC smart card-based credentials, as well as FIPS 201-2 compliant derived credentials, to access secure apps on mobile devices. Companies without existing smart card technology in place can use Intercede’s MyID credential management system to securely issue…
The Open Organization (available here)– is about creating a successful business in today’s enormously fast-moving technology climate. The only way to do that is by eschewing the old ways of doing business – including a top-down hierarchical approach – in favor of a new approach that emphasizes soliciting and embracing everyone’s opinions, letting go of “command and control,” and moving away from traditional management comfort zones. In short, it’s about taking the methodology that has made open source software the standard for many of today’s organizations and applying it to the way business is run. Today, businesses should not be…
Did you know that the very first spam email was sent out in 1978? Today, more than 70% of all emails sent are spam. Email spam isn’t just annoying; it causes real damage damage — and it’s more effective than you might than. Spam email can damage your computer with malware contained in links or attachments, which can can damage your computer or harvest sensitive personal information to send to hackers. Spam also includes phishing attempts, with emails posing as legitimate websites in order to trick the recipient into revealing passwords or other sensitive information. Then there’s the famous Nigerian…
Automation company publishes industry report on information security The close of 2014 bought with it a spate of high profile cyber-attacks. In light of the current cyber climate,industrial automation components supplier European Automation has published an industry report about information security and its growing importance. The report is available for download on European Automation’s website, in the special reports section. The comprehensive report looks at where threats come from, how they can be avoided and the need of raising the conversation about information security to board level. 2014 was a year of high profile cyber-attacks in which large companies, the likes…