Following the news that a former Expedia IT support employee has plead guilty to using his position to access confidential data and facilitate insider trading, Rui Melo Biscaia, Director of Product Management at Watchful Software commented below. Rui Melo Biscaia, Director of Product Management at Watchful Software: “This case demonstrates how much damage malicious insiders can cause, especially when armed with a high level of privilege and little oversight. “The threat of trusted insiders abusing their positions can be greatly reduced by ensuring that confidential files can only be access by the authorised user themselves. Internal support staff that are…
Author: Information Security Buzz Editorial Staff
Following the news that Charter Savings Bank notified customers of potential data theft by a burglary targeting office computers, Dr Bernard Parsons, Co-founder and CEO at Becrypt commented below. Dr Bernard Parsons, Co-Founder and CEO at Becrypt: “The recently revealed theft of computers at Charter Savings Bank demonstrates the importance of including endpoint devices in a cyber security strategy. Strong external security is rendered useless if the device itself is simply stolen and accessed directly. “If data at rest on laptops, storage devices, and other machines is encrypted against unauthorised access, organisations can rest assured that any confidential information will…
In a new blog post Dima Bekerman, security researcher at Imperva, explains how easily his Amazon account was broken into, likely as a result of him using similar passwords in different accounts—an annoying but common attack. However, what he originally thought was a run-of-the-mill account breach turned into a story about perpetrators using registration bots to launch a smokescreen—an attack method he found extremely interesting. The full blog post, which includes tips on how to prevent these types of attacks, can be found here, however key takeouts are listed below: I initially had no idea my Amazon account had been…
Following the recent report from IBM’s security intelligence group about the rise of cyber-attacks on VoIP Session Initiation Protocol, Angela German, Director of Marketing at VoipSec, commented below. Angela German, Director of Marketing at VoipSec: “The rise and rise of SIP-based Cyber Attacks Cyber-attacks using the VoIP protocol Session Initiation Protocol (SIP) have been growing in 2016, accounting for over 51% of the Voice over Internet Protocol (VoIP) security event activity analysed in the last 12 months, according to a new report from IBM’s Security Intelligence group. VoIP risks extend beyond spam and eavesdropping. These phones connect a large variety of devices, and cybercriminals can weaponise any internet-connected…
Are you tired of your sluggish PC? The new release of AVG TuneUp now comes with a complete reboot of its patented ‘Programs-On-Demand’ technology. It puts unused programs into a smart sleep mode that reduces their draining impact on PC performance, battery life, network and storage to nearly zero. The update also includes a revamped Disk Cleaner which now detects and removes even more leftover and cache files than before. Get the latest version right here: Click to Download AVG TuneUp with new Sleep mode Even in 2016, PCs face one stark reality: the more you use them and the more…
Yasmin Mahmood, CEO of the Malaysian Digital Economic Corporation (MDEC), and Barry Roche, CEO of Protection Group International (PGI), today signed an agreement to collaborate to strengthen and develop cybersecurity capacity in Malaysia, and to work together to develop a cybersecurity academy in Malaysia. The collaboration was signed in the presence of UK and MDEC representatives, as well as leading Malaysian cyber security companies and entrepreneurs. The agreement was signed at PGI’s Cyber Academy in Bristol. The new academy will be known as the UK-APAC Centre of Security Excellence and will see PGI and MDEC collaborate, generate and formulate awareness and strategies to regularly…
One of the main challenges that I’ve heard voiced in discussions among CIOs recently involves the perceived lack of visibility into application security in the Cloud. The shift to software-defined infrastructure, including security and networking, along with the evaporation of the network perimeter means that you can no longer “see” your application security controls, infrastructure assets such as hardware firewalls, and network security appliances. For many CIOs this feels like driving a car without a steering wheel. But adapting to this new reality and learning that you can get where you need to go without traditional application security controls is…
Following the news about Scottish Football Association data breach, Dr Jamie Graves, CEO at ZoneFox commented below. Dr Jamie Graves, CEO at ZoneFox: “The Scottish Football Association (SFA) data breach is yet another example of the unintentional insider threat striking many businesses. The breach happened after a third-party email database was compromised – some of the details are lacking, but what is clear is that a backdoor was left open for criminals to exploit and obtain sensitive customer data. Fortunately, the SFA have reassured customers that bank and credit card details have not be shared.” He adds, “Despite this, attacks like this often happen stealthily and wreak…
Following the news about DDOS Attacks Against Digital Broadcasters to Worsen in 2017, Jonathan Smith, Managing Director EMEA, Limelight Networks commented below. Jonathan Smith, Managing Director EMEA at Limelight Networks: “Distributed Denial of Service attacks via IoT botnets were a proof of concept in 2016, and 2017 is going see these become bigger, bolder and much more common in disrupting the global media and entertainment industry especially around prestigious global digital content events like the new Games of Thrones season. While much of the attention on cybersecurity tends to be on financial services, the UK creative sector is a long…
Second annual international survey of information security professionals finds global confidence in ability to accurately assess cyber risk dropped 12 percentage points over 2016 COLUMBIA, Md. Tenable Network Security®, Inc., a global leader transforming security technology for the business needs of tomorrow, released findings today from the 2017 Global Cybersecurity Assurance Report Card, in which the world’s information security practitioners gave global cybersecurity readiness a “C-” average with an overall score of 70 percent. The 2017 Global Cybersecurity Assurance Report Card solicited insights from 700 security practitioners in nine countries and across seven industry verticals to calcww.tenable.com/2017-reporulate a global index score reflecting overall confidence that the world’s…
