Explosion in ransomware drives all-time high in malicious domain creation Infoblox Inc. (NYSE:BLOX), the network control company, today released the Infoblox DNS Threat Index for the first quarter of 2016, highlighting a 35-fold increase in newly observed ransomware domains from the fourth quarter of 2015. This dramatic uptick helped propel the overall threat index, which measures creation of malicious Domain Name System (DNS) infrastructure including malware, exploit kits, phishing and other threats, to its highest level ever. Ransomware is a relatively brazen attack where a malware infection is used to seize data by encrypting it, and then payment is demanded…
Author: Information Security Buzz Editorial Staff
The Internet of Things (IoT) industry must establish a common set of security standards of which to adhere, according to Oscar Arean, technical operations manager at disaster recovery provider Databarracks. Arean also argues that IoT risks should feature in organisations’ continuity plans if they want to be protected. Research carried out by Gartner has forecasted that 6.4 billion connected devices will be in use worldwide in 2016. Further research from Gartner predicts worldwide spending on IoT security will reach $348m in 2016 with this figure climbing to $547m in 2018. While these projections are encouraging for the future of the…
Biometric technologies that use a person’s fingerprints, voice, heartbeat or even gait (the way we walk) as methods of authentication have attracted a lot of attention here in the UK for some time now. These techniques are gaining traction as the primary form of authentication to protect devices, apps and data. Biometric authentication is already seeing rapid adoption within the consumer arena. For example, MasterCard and HSBC have recently announced the introduction of facial and voice recognition technology to authorise transactions. While Amazon has introduced ‘selfie’ recognition as a form of payment. However, when it comes to the corporate environment,…
Today’s threat landscape is in many ways very different from ten years ago. The growth of smartphones combined with pervasive internet, Bring Your Own Device (BYOD) and Application (BYOA) initiatives, introduced new threats to the workplace. Cloud servers made password security all the more important – with employees being able to store and access confidential company information on the move … even via free, public networks. All empires fall and Apple has proven to be no exception. It may have taken a while, but their devices and their App Store have both been proved to be vulnerable. New forms of…
As anxiety-inducing as it may sound, you need to run your business under the assumption that a horrifying disaster could strike at any moment. In a perfect world, there would be no reason to fear a data breach, but we don’t live in a perfect world. Taking the right preventative measures can make all the difference in the world in how your business recovers from a disaster, in the event that one should befall you. There’s no such thing as being too safe, and being sorry isn’t enough to help you regain what you may lose. Evaluate your current insurance…
Smartphones can be compromised when charged using a standard USB connection connected to a computer, Kaspersky Lab experts have discovered in a proof-of-concept experiment. The researchers are now evaluating what the impact of such an incident might be. Have you ever wondered how safe your smartphone and data are when you connect the device to freely available charging points at airports, cafes, parks and public transport? Do you know what, and how much data your mobile device is exchanging with these points while it’s charging? Kaspersky Lab researchers became curious and conducted research to find the answers to these questions.…
ESET finds Ireland among the top countries affected by new Danger.Script malware. ESET LiveGrid® telemetry shows a spike in detections of the JS/Danger.ScriptAttachment malware in several European countries. The most notable detection ratios are seen in Luxembourg (67%), Czech Republic (60%), Austria (57%), Netherlands (54%) and the United Kingdom (51%), but Ireland follows closely with 46%. After delivery as an email attachment and opened, the threat behind these detections is designed to download and install different variants of malware to victims’ machines. If the user falls for the scam, JS/Danger.ScriptAttachment tries to download other malicious code, the majority of which…
FACC, an Austrian-based manufacturer of airplane parts, has fired its CEO, Walter Stephan, after he fell victim to an email scam that defrauded the company of €52.8 million ($56.79 million). Ryan Kalember, senior vice president of cybersecurity strategy for Proofpoint commented below. Ryan Kalember, senior vice president of Cybersecurity Strategy for Proofpoint comments: Business email compromise attacks are hitting all industries, at a scale never seen before and we don’t anticipate it will slow down anytime soon. As evident with this unfortunate FACC event, these attacks can have serious financial consequences. The recent surge in impostor emails is part of…
Research into the proliferation of fraudulent domains affecting the cybersecurity industry by web security experts High-Tech Bridge has uncovered some startling results, with a string of household names being impersonated online. High-Tech Bridge researchers have analyzed domains of the leading cybersecurity companies from the NASDAQ’s NQCYBRindex, as well as few private but well-known cybersecurity companies, and uncovered a host of fake domains designed to fool users – sometimes with malicious intent. High-Tech Bridge researchers used their free online service Domain Security Radar, which is designed to detect cybersquatting, typosquatting and phishing domains for a particular brand or Internet domain. Country…
Are you contemplating ISO 27001 implementation but concerned about the time and management resources that will be needed? Many modern businesses operate in a lean and agile way and this is often seen as contradictory to the traditionally bureaucratic processes associated with ISO 27001. Some even believe it may restrict the way they run their business. We’re here to dispel those myths and give you some tips on how to achieve a lean ISO 27001 implementation: Gain board level support: An information management system will only be effective with the full and active support of the board. Prepare your argument…
