Dating website BeautifulPeople.com has allegedly been hacked, and the names, addresses, phone numbers and even private messages of 1.1 million members have been leaked online. Here to comment on this news are security experts from GBC and Kaspesky Lab. John Lord, Managing Director at GBG says that organisations need to take action to minimise the effects of identity theft of users. David Emm, Principal Security Researcher at Kaspersky recommended that there is need to have an effective cyber security strategy in place to combat the threats. John Lord, Managing Director at GBG: “Whilst BeautifulPeople.com has told users financial details were not leaked, this data…
Author: Information Security Buzz Editorial Staff
Private Microsoft® Windows® users patching their operating systems more diligently – but the same cannot be said of Apple® QuickTime® and Oracle® Java® users. Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises today has published Country Reports covering Q1 2016 for 14 countries. The reports, compiled by the Flexera Software’s Secunia Research team, provide status on vulnerable software products on private PCs in those countries, listing the vulnerable applications and ranking them by the extent to which they expose those PCs to hackers. Key findings in the UK Country Report include: Unpatched Microsoft Windows Operating Systems on…
University of California – Santa Barbara researchers discovered a vulnerability in Waze, the popular directions app, that allows hackers to track drivers. The research raises interesting themes around the security of social media applications, are you planning to cover the news? Here to comment on this news is Security Expert Deral Heiland. Comment from Deral Heiland, Research Lead at Rapid7: An oft-overlooked reality: Waze is a social media style application. This research points out a common concern related to all social media: if we are willing to share personal data — and in this case GPS location — the possibility of that data being abused exists. Waze shows you other…
Cybercriminals are continuing to exploit human nature as they rely on familiar attack patterns such as phishing, and increase their reliance on ransomware, finds the Verizon 2016 Data Breach Investigations Report. This year’s report points to repeating themes from prior-year findings and storylines that continue to play off of human frailty, including: Eighty-nine (89) percent of all attacks involve financial or espionage motivations Most attacks exploit known vulnerabilities that have never been patched despite patches being available for months, or even years. In fact, the top 10 known vulnerabilities accounted for 85 percent of successful exploits. Sixty-three (63) percent of…
Over ten thousand banks and financial institutions are being urged to remain vigilant after the secure Swift (Society for Worldwide Interbank Financial Telecommunication) system – used to send messages between global firms – was reportedly compromised by the sophisticated hacking scheme that targeted the Bangladesh central bank in March 2016. IT security experts from ESET, Proofpoint and Lieberman Software provide commentary. Mark James, Security Specialist at ESET: “Any successful malware attack is a very real threat to happen again no matter where it is. Malware is typically a “keep trying” business model and with so many financial organisations using all…
SWIFT – the global financial network through which banks transfer billions of dollars every day – is warning approx. 11,000 financial institutions of ‘a number of recent cyber incidents’ where attackers used its system to send fraudulent messages, including the recent Bangladesh Bank attack and theft of approx. $80 million, which it warns is not an isolated incident. SWIFT is urging its 11K financial institution clients to upgrade systems. Security experts comment: Andrew Komarov, Chief Intelligence Officer, InfoArmor: “It is clear that the bad actors were preparing for such a cyber heist for pretty long time. In most cases, online-banking thieves attack…
IBTimes are reporting that 1.4GB of internal documents, files and sensitive financial data from the Qatar National Bank (QNB) has been leaked online. This contains hundreds of thousands of records including customer transaction logs, personal identification numbers and credit card data. Additionally, dozens of separate folders consist of information on everything from Al Jazeera journalists to British spies and the Al-Thani Qatar Royal Family. Security experts from AlienVault, ESET and MIRACLE commented on this news below. Javvad Malik, Security Advocate at AlienVault: “Unfortunately, this is another example of a business being completely unaware of the fact that it had been…
Security researchers discovered seven security vulnerabilities with Facebook’s corporate tools, including a file transfer service, which gave them access to hundreds of the social network’s employee usernames and passwords. Here to comment on this news are security experts Paul Farrington, Senior Solution Architect at Veracode and Lee Munson, security researcher for Comparitech.com. Paul Farrington, Senior Solution Architect, Veracode: The security vulnerabilities found within the corporate Facebook network demonstrates the necessity for companies to invest in monitoring and testing their web and mobile environments and servers against flaws that may leave them open to attack. While these vulnerabilities were thankfully found and flagged to Facebook…
Smart cities are vulnerable to hacking according to field tests by researchers from Kaspersky Lab on the streets of Moscow. Here to comment on this news is Richard Kirk, SVP at AlienVault. Richard Kirk, SVP, AlienVault: “The Internet of Things (IoT) is the most topical thing in IT right now – and rightly so, when one considers the possibility of a world where we can control literally everything from a smartphone.. But, like with all major advances, there is a flipside to the astonishing advancements made possible by IoT. Namely, where does security sit within the big picture of IoT?…
As the line between the virtual and real criminal world grows ever murkier, it’s not surprising online bank robbers are using the anonymity afforded by cyberspace to infiltrate the real world and get their hands on physical cash. At the same time, within the online world, criminals are diversifying, borrowing each other’s methods and innovating on a new level to fulfil their demands. Borrowed tactics The trends we’ve seen emerge from the latest cyber bank heists, from last year’s Carbanak attack to the most recent high profile robberies, is that the tactics of large scale long term targeted attacks, previously…
