Every country’s government has its secrets. Whether it’s information on strategic military positions, to data on its citizens, there has long been a need for cyber-intelligence defences and the protection of High Assurance computer systems. But, as everything from a country’s power grid to its national transportation network comes online, the lines between government, civil, and industrial systems are becoming increasingly blurred. In today’s digital world, an adversary taking banking systems offline, or causing mayhem on transport infrastructure, poses a threat to life that’s every bit as real as a physical attack or traditional industrial espionage. Clearly, while many of…
Author: Information Security Buzz Editorial Staff
Cybercriminals are now offering free decryption to Popcorn Time ransomware if you infect two of your friends. Criminals are tricking people by claiming the money will go for food and shelter for those in Syria. IT security experts from Tripwire and Plixer commented below. Tim Erlin, Senior Director of IT Security and Risk Strategy at Tripwire: “Cybercrime is part of an economy, and it shouldn’t be surprising that criminals are learning from strategies that work in more legal markets. The idea of using referrals to extend your business is hardly new.” . . Michael Patterson, CEO at Plixer International: “Ransomware that…
A Turkish hacking crew is running a DDoS-for-Points platform where participants can earn points if they carry out DDoS attacks against a list of predetermined targets, points they can exchange later on for various online click-fraud tools. IT security experts from Corero Network Security, Tripwire, Imperva and Forcepoint comment below. Stephanie Weagle, VP at Corero Network Security: “The crude, large scale DDoS attacks of yesteryear have evolved to take advantage of more sophisticated methodologies, vectors and techniques. The concept of the gamification of DDoS attacks may not be a new methodology, perhaps more of a growing trend on the dark web. The sheer…
With the growing number of benefits the cloud can provide – greater scalability, reduced costs, easier access to applications – it’s unsurprising that more and more businesses move to the cloud each year. Over the next five years, more than $1 trillion in IT spending will be affected by this shift to the cloud, according to technology analyst Gartner. For businesses planning to make the move, it’s important to choose the right third-party cloud services provider in order to ensure security is adequate. Organisations must make several considerations before making their choice: does the T&C align with business requirements? How…
Following the news that patients are being put at risk because most NHS trusts are still using old Windows XP systems which could enable hackers to steal patient data or take control of hospital infrastructure. Criminals have already used cyberattacks to hold hospitals to ransom and an NHS trust in Lincolnshire and East Yorkshire said this week that an attack in October led to the cancellation of more than 2,800 patient appointments, including operations. IT security experts from Tripwire, Lieberman Software, Lastline, NSFocus and AliertLogic commented below. Tim Erlin, Sr. Director, Product Management at Tripwire: “It’s well established fact that using…
From a number of recent surveys, it’s clear that more and more organisations are happy to accept that they will suffer a network security breach at some point and it is simply a matter of time. Clearing up the mess post-issue and how to do it seems to be the focus now – which is a bit of a shame since there are a number of ways to endeavour to avoid the mess in the first place. Unfortunately, most companies rely on increasing the size and scope of perimeter defences for their security – a bit like widening the moat…
Have you changed the WiFi key on your home router? Do you even know how to? You’d be surprised how complicated this can be. Routers have their own IP address and a default password or key but how you access and change this can vary from one device to another. In the event of a compromise that means most routers are sitting ducks. Which is why when TalkTalk recently stated it was going to do a ‘password reset’ on routers affected by the Annie worm which exploits a security hole associated with the TR-064 vulnerability we rolled our eyes in…
The world’s increasing interconnectivity has given rise to greater efficiency and the easier exchange of data. However, as networks become borderless and institutions freely exchange data with partners, a data breach in one organisation’s network can now provide hackers with an avenue into multiple other companies. Before any can respond, a chain reaction of breaches has already taken place. Furthermore, the major breaches of the past year including the attacks on the World Anti-Doping Agency and Yahoo! have proven that state-sponsored cyber espionage is no longer just a problem for governments. Today, any organisation that has sensitive information may become…
Following the news about the football-sized drone which has been flown 20m from a Heathrow-bound plane, Dik Vos, CEO at SQS commented below how drones pose a very real security threat to society and how laws must be created to protect uncontrolled airspace against hostile drones. Dik Vos, CEO at SQS: “The UK government spends millions of pounds a year on security, whether this is to protect sensitive information or the physical security of the general public, but what is being done to stop a potential drone attack? Currently, not a lot. Drones must be embraced and feared in equal measure. Combined…
London, UK. Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of an extensive Tripwire study conducted by Dimensional Research. The study evaluated key challenges that organizations must address in order to optimize their cyber security and compliance programs. Study respondents included over 500 IT security professionals. According to Tripwire’s study, only one in four respondents said their organizations have the technology needed to effectively detect and respond to a serious data breach. In addition, 39 percent of respondents said that after statistics are collected it takes their security teams…
