As Chrome continues to eat the marketshare of browsers, the security and privacy implications of Chrome extensions will become even more prominent. Chrome extensions can be powerful because they can run arbitrary Javascript inside any web pages. If the user grants additional permissions, an extension can access sensitive information such as all HTTP requests, clipboard, cookies, and beyond. These powerful permissions can be valuable to developers of Chrome extensions, but at the same time present security and privacy implications for users. The Chrome web store, which has historically relied on users themselves to safeguard their own security, has stepped up…
ISBuzz Team
Leading Anti-Phishing Provider Launches New Product for Security Analysts and Incident Response Teams to Operationalise Internal Human Intelligence PhishMe Inc., the leading provider of phishing threat management solutions that empower employees to be a layer of human security sensors against phishing, malware, and drive-by attacks, today introduces PhishMe Triage into the UK market, a new product offering that gives incident responders the analytics and visibility into email-based attacks occurring against their organisations in near real-time. Triage is currently the only offering that leverages human intelligence inside the organisation and turns conditioned employees, traditionally considered the weakest link, into the strongest detection…
A security breach has been detected at Telstra’s Asian telecommunications provider, Pacnet data centre. The breach occurred prior to Telstra taking ownership of Pacnet, and Telstra was made aware of it on the finalization of the purchase on April 16 this year. Telstra had taken immediate action to protect the security of the network once it was informed of the breach. Comments from Tim Erlin, director of IT security and risk strategy at Tripwire “Telstra isn’t the first organization to learn about past issues at a company they’ve acquired. A prior breach is just one more business risk among many…
Zenium Technology Partners is pleased to announce that carrier neutral connectivity integrator, Custom Connect, is now offering services in Zenium’s new Turkish data center – Istanbul One. The state-of-the-art facility, located in Istanbul, will be the first in the country to provide wholesale technical space that can be completely customised. Each client’s specific requirements can be accommodated in world-class data suites which are fully scalable, whilst offering diverse multi-carrier connectivity. Istanbul sits at the crossroads of Europe, the Middle East and Asia as well as the growing economies to the East and will play a pivotal role in the developing…
Cybersecurity experts from HP Security Voltage, Lancope, Tripwire and Secure Channels commented on news of a breach at healthcare provider CareFirst potentially affecting more than 1 million customers. Mark Bower, Global Director, Product Management, HP Security Voltage (www.voltage.com): “Healthcare entities are the new data gold mines for attackers. The data is lucrative, often unprotected, and useful for medical and identity fraud. Unfortunately, many healthcare firms do not have modern data-centric protection in place to neutralize breach risks of these kinds of attacks and are thus vulnerable to being plundered from advanced malware. One reason for this dilemma is the lack…
What you can learn from the Holborn outage – don’t let lack of IT planning get in the way of business continuity We all like to complain about services going down just when we need them most. The wrong kind of weather – extremes of hot and cold – can wreak havoc with trains, and the road network can get snarled up fast. Utilities – especially energy and telecoms – have more downtime than you might expect, as interruptions are often local, such as the recent fire in Holborn, central London, which wiped out telephone and Internet connections for several…
Following the news that a new security flaw dubbed the ‘Logjam’ attack is leaving tens of thousands of websites and mail servers are vulnerable to hackers, please find below a quote from Ken Simpson, CEO at Mail Channels. “Organizations cannot afford to rest on their laurels when it comes to cyber security. Hackers are constantly seeking to exploit vulnerabilities; Heartbleed, FREAK and now LogJam all take advantage of cyber security complacency. The LogJam attack on common implementations of Diffie-Hellman is an extreme threat to security and privacy. In all likelihood, nation state actors are already using this attack to snoop…
With the advent of smart metering set to level the playing field for the utilities industry, a cultural shift is also on the horizon around how users not only consume, but pay for their energy. With direct debit agreements seen as the most effective[1] way to pay for utilities, smart metering opens up the options to both suppliers and consumers by paving the way for pre-payment methods to become mainstream. But whilst this is certainly great news for the consumer, experience in smart pre-pay in the UK is low, with only a few suppliers having made the switch successfully. Unless…
Security experts from Tripwire, Secure Channels, Proficio, PFU Systems, Inc commented on the latest news that Penn State’s College of Engineering had to disable their network due to a Chinese-based cyber-attack. Ken Westin, senior security analyst for Tripwire (www.tripwire.com): “This should be a wake up call to other colleges and universities, it is rare for only one institution to be targeted by an active cyber espionage campaign. Given that the group was targeting engineering departments it’s pretty clear that the attacker were looking intellectual property. Many times there is deep collaboration between higher education and private industry to commercialize research, and this combined…
One in four Americans (25 percent) fell victim to information security breaches in the past year, according to a new survey from the AICPA conducted by Harris Poll. This represents a staggering growth from last year’s survey (about 11%). And even more troubling figure is that 86 percent of adults reported some concern in businesses’ ability to safeguard customers’ financial and other personal information. Combine these two statistics and the picture becomes clear- it’s not that people are more lax with securing their online information, this precious information is being stolen from the corporations and organizations that are in charge…