Merging worlds. The merging of the organic and digital worlds is undoubtedly gathering pace. As humans, we ourselves are now huge consumers of technology, which has led to patience being a virtue for very few. However, this patience is being tested on a daily basis. Just one example is the login process we have all become accustomed to. The average number of characters that a staffer needs to tap in prior to gaining access to the business applications they want is often as many as 30, especially in worst-case scenarios where they are forced to use an email address…
Author: Information Security Buzz Editorial Staff
Interact IoT, the first ever Internet of Things bank platform, launched today by Intelligent Environments. Smart devices such as Nest Thermostat and the Pavlok wearable device can now be connected to your bank account. Overspend and Pavlok will deliver an electric shock, while Nest Thermostat will automatically turn your heating down to save you £255 a year in bills. Watch the world’s first Internet of Things bank in action in this video. With a third of millennials too scared to check their bank account[1], a British technology firm has developed the world’s first Internet of Things bank account. The IoT bank…
The reports of further LinkedIn users’ passwords being sold online, following a hack four years ago, demonstrate the need for businesses to consider security procedures before a data breach forces them to – prevention is always better than cure. Customers that entrust their private information to an online provider should be able to rest safely in the knowledge it is kept in a secure manner, and all companies who handle private data have a duty to secure it. In this particular case, the leaked data contains e-mail addresses and associated unsalted password hashes. Cybercriminals have the opportunity to use this…
Researchers at Forcepoint have discovered an email campaign distributing double-zipped files with Windows Script Files (WSFs) inside which, when executed, download the Cerber crypto-ransomware. Cerber is a highly customisable crypto-ransomware that encrypts local files and requests a payment to get files decrypted; it is believed to be sold under a ransomware-as-a-service model on Russian underground forums. This means there is no one malware author, but rather several actors distributing their own Cerber builds in different ways – some via exploit kits and others via email. It has previously been seen distributed via exploit kits and over email using DOC…
Anonymous have launched a cyber attack against government portals in North Carolina to protest the “bathroom bill”. In response to this news, security experts from Tripwire and Imperva commented below. David Meltzer, Chief Research Officer at Tripwire: Although hacktivist attacks are nothing new, it would not be surprising to see an uptick in the frequency of these for the rest of this year given the highly polarizing election going on in the US. Although most major sites already have reasonable protections against basic DDOS attacks, the second tier of lesser known sites, which there are many thousands of across the government,…
Security expert Ben Johnson from Carbon Black commented below on the reports about Furtim – a new strain of ‘paranoid’ malware that is taking extreme pains to avoid detection – least of which being to scan its intended target for any traces of 400 different security solutions before it sticks its head over the parapet – then doing a runner if even one of them is present. Ben Johnson, Chief Security Strategist, Carbon Black: “Furtim is pretty well aligned with the broader trend that we’re seeing at the moment: hackers are becoming far more akin to secret agents than bank robbers,…
Recently, the Defending Law Firms from Cyber Attack Conference saw experts from the fields of government, law and cybersecurity present their views on the rising threats in cybersecurity and on how law firms can effectively protect themselves from them. Whilst speakers’ topics ranged from the specific vulnerabilities within law firms to the government’s view on privacy and legislation, there was one message in particular that was echoed by many of the speakers: people are an organisation’s greatest security asset and at the same time its biggest risk. We live in an age where anybody can be targeted, it…
Cybersecurity experts from Network Box USA, Proficio and Securonix commented on news that a 2012 breach of LinkedIn member information was much larger than originally reported, and that the data is available for purchase online. Pierluigi Stella, CTO, Network Box USA (www.networkboxusa.com): “This is interesting. First of all, I never realized LinkedIn had so many users. Aside from that, this news goes along with what I mentioned in a previous interview about data breaches. Many companies claim they’re able to detect a data breach immediately or reasonably quickly. In fact, that survey actually cited large corporations stating that they’d know right…
Ever imagined owning a car that can drive by itself; that not only determines the fastest route for you through its navigation system, but also finds the most fuel-efficient one; that automatically registers for its servicing and renews its insurance; that is smart enough to prevent accidents by assessing the driver’s vital functions and alerting the travelers to potential problems; that drives on its own through traffic jams and highways? Yes, it is no longer just a dream car. This disruption is already in progress through the integration of the Internet of Things. We call these cars ‘Connected…
Step-by-step guide for smaller and mid-size companies. Introducing an incredible new book and the only resource you’ll ever need to implement an ISMS: Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own. Author and experienced information security consultant Dejan Kosutic has written this book with one goal in mind: to give you the knowledge and practical step-by-step process you need to successfully implement ISO 27001. Without struggle, stress and headaches. Learn how to start an implementation project. Get a simple explanation of the ISO 27001 standard. Learn how to structure the required documentation. Learn the certification process…