Researchers at Context Information Security have demonstrated how easy it is to monitor and record Bluetooth Low Energy signals transmitted by many mobile phones, wearable devices and iBeacons, including the iPhone and leading fitness monitors, raising concerns about privacy and confidentiality. The researchers have even developed an Android app that scans, detects and logs wearable devices. The app can be downloaded along with a detailed blog explaining the research visit HERE The Context findings follow recent reports that soldiers in the People’s Liberation Army of China have been warned against using wearables to restrict the possibility of cyber-security loopholes. “Many…
Author: ISBuzz Team
Organization to Leverage Cybrary’s Enterprise Training Platform Cybrary, the world’s first and only no-cost IT and cyber security MOOC, announced a pilot program with Women in Technology (WIT) which will utilize Cybrary’s enterprise training platform to help advance women and girls in the IT and cyber security industries. “Our mission is to provide comprehensive IT and cyber security training options for underserved and disadvantaged people seeking to break into cyber security or advance in their current jobs,” said Ryan Corey, co-founder of Cybrary. “Our platform will assist Women in Technology in advancing their mission by enabling WIT members and protégés…
We all know that WordPress is one of the most used CMS (Content Management System) in the world of blog websites. And because of this, many security researches are held looking for security flaws and ways to exploring it, and there’s also the bad guys (black hats, cracker). In April 26, 2015, a researcher Jouko Pynnönen [14], found a vulnerability that allows unauthenticated attacker to inject JavaScript code, XSS or cross-site scripting, in WordPress commenting system. How this happens? The comments are stored in the table “wp_comments”, precisily in the column “comment_content”, with type “text”, that has a maximum size…
WebRTC Solution Enhances Customer Service Experience Masergy Communications Inc., a global leader in secure networking and cloud services, announced that its Cloud Unified Communications solution is now WebRTC enabled with the launch of its Virtual Automated Attendant (VAA). WebRTC is an open source standard that enables real-time voice and video communications via Chrome, Firefox and Opera browsers. Masergy’s WebRTC solution includes an easy-to-use application wizard that allows customers to easily create custom menu structures to meet the specific needs of their business. The intuitive wizard auto-generates the necessary code, which can easily be embed within customers’ websites. Initial implementations include…
Covering the mSpy breach, Trey Ford Global Security Strategist from Rapid7’s wanted to share some comment on the news: “I think the most interesting aspect of this breach is that people being spied on were having their information stolen by one party, and it’s now moving rapidly through the underground. Not only is the legality of installing this software questionable (CFAA, etc.), but those who have the software on their devices have had their lives laid out in an un-contained information disclosure – it’s highly unlikely the victims of this crime will understand the extent of the damage for a very long time, if…
Hackers from Russia & Brazil have managed to discover a new exploit for the Sony PS4 – a couple of weeks ago, a number of electronics stores in Brazil had been advertising the means to copy and run a series of ripped retail games on the console. Not a whole lot was known about the hack back then, but information gradually began to trickle out from customers and make its way around the web, here’s a gaming insider’s report on it from yesterday. Comments from Tripwire, STEALTHbits Technologies, Lancope on hacking Sony PS4. Ken Westin, senior security analyst, Tripwire (www.tripwire.com): “This reveals that the…
As information technology (IT) solutions play an increasingly prominent role in business success or failure, companies around the globe are prepared to devote more resources to IT products, services and staffing, according to a new international study released today by CompTIA, the IT industry association. Business in several countries surveyed for CompTIA’s International Technology Adoption and Workforce Trends Study project strong increases in IT spending over the next year. Nearly onequarter of all firms (23 percent) say they’ll hike IT spending by 10 percent or more. Close behind are Brazil (6.8 percent), Malaysia (6.7 percent), the Middle East countries of…
CrowdStrike* researchers recently announced the discovery of a new vulnerability in many popular virtual machine platforms. Dubbed ‘Venom’ the zero-day flaw reportedly affects virtual floppy drive code used by computer virtualisation platforms. The vulnerability could allow attackers to gain access outside of an affected virtual machine, potentially putting sensitive information at risk. Chris Oakley, Principal Security Consultant at cyber security consultancy, Nettitude, has made the following comments: “It is not surprising that the attack vector for Venom lies in older and probably neglected code. We often see the highest impact attacks resulting from legacy code; the floppy disk controller that…
Company growth fuelled by demand from innovative, VC-backed SaaS companies demanding faster growth through the channel Relayware, a SaaS-based provider of Partnering Automation software, today announces its one-millionth partner on its Partner Cloud following a sustained period of strong international growth. The company attributes much of its recent growth to strong demand from young, VC-backed SaaS companies looking for faster sales growth from channel partners. Over the past six months Relayware has seen an expansion in its customer base beyond large, established technology vendors by adding more high growth SaaS companies backed by VC and private equity investors such as…
Hindsight can be a wonderful thing, but when it comes to data security and potential breaches, it’s best to ensure that your security policies and tools are able to protect your organisation. Yet, despite the regular headlines caused by high-profile data breaches, many organisations still do not know how best to react once breached or, indeed, follow best practice to prevent a breach from happening in the first instance. New research conducted by Bloor Research, in conjunction with Boldon James, highlighted data security as a critical or serious concern for most organisations surveyed, with data classification recognised as a foundational…