Expert(s):
Technical Director, EMEAfeature_status*/ ?>
Gurucul

Comments Dotted : 15
March 06, 2020

Experts Insight On News: Virgin Media Data Breach Affects 900,000 People
Please - if you run any services that collects customer data, have your teams double and triple check that they are secured correctly.
This data breach is wholly down to human error which is one of the biggest threats facing organisations today. The incorrectly configured data is an example of a sole employee not following the correct procedures and exposed hundreds of thousands of personal details of customers. The risk associated with incorrectly configured databases have been highlighted many times. The content of the database appears to have a wealth of information which bad actors could use for fraud and identity theft. .....Read More
This data breach is wholly down to human error which is one of the biggest threats facing organisations today. The incorrectly configured data is an example of a sole employee not following the correct procedures and exposed hundreds of thousands of personal details of customers. The risk associated with incorrectly configured databases have been highlighted many times. The content of the database appears to have a wealth of information which bad actors could use for fraud and identity theft. The situation of today’s digital world is that an increasing volume of personally identifying information is being harvested whenever we interact with organisations online. If this data isn’t strongly secured, and it often isn’t, this information can easily end up on the dark web. Please - if you run any services that collects customer data, have your teams double and triple check that they are secured correctly.  Read Less
February 21, 2020

Personal Details Of 10.6M MGM Hotel Guests Posted On A Hacking Forum – Cybersecurity Experts React
There is much “talk” about Zero Trust strategy.
Unfortunately, users’ data being exposed and made available to a wide range of bad actors is so commonplace in today’s connected world. Organisations who hold any personal data of their customers must really improve their protection of such data. There are technologies available today which can be used in a multifaceted security strategy. There is much “talk” about Zero Trust strategy. Organisations need to be taking action to move towards this as a priority. Security Analytics and.....Read More
Unfortunately, users’ data being exposed and made available to a wide range of bad actors is so commonplace in today’s connected world. Organisations who hold any personal data of their customers must really improve their protection of such data. There are technologies available today which can be used in a multifaceted security strategy. There is much “talk” about Zero Trust strategy. Organisations need to be taking action to move towards this as a priority. Security Analytics and Automation will provide the right foundations for delivering on Zero Trust and provide better security for their customers’ data as well as the organisations critical data and Intellectual Property.”  Read Less
February 07, 2020

Philips Smart Lights Vulnerability Allows Hopping To Devices On The Network – Experts Advise
The device can be used as part of a wider net of IoT.
This is one of the major issues with so called “smart devices”. The controls in place on the quality of development and security testing on these products has a long way to go. There are two main issues here. 1) The device can be used to snoop on other devices in the network or to install additional software on those devices 2) The device can be used as part of a wider net of IoT (smart) devices for other nefarious purposes (Such as DDoS attacks). If users are going to install smart .....Read More
This is one of the major issues with so called “smart devices”. The controls in place on the quality of development and security testing on these products has a long way to go. There are two main issues here. 1) The device can be used to snoop on other devices in the network or to install additional software on those devices 2) The device can be used as part of a wider net of IoT (smart) devices for other nefarious purposes (Such as DDoS attacks). If users are going to install smart devices on their home networks I would highly recommend enabling guest Wifi access (if their router supports it) and only connect your smart devices to the guest network. That way your personal devices will have some protection by keeping that level of separation. This does not stop the devices being infected and used for other purposes.  Read Less
February 07, 2020

The device can be used as part of a wider net of IoT (smart) devices.
This is one of the major issues with so called “smart devices”. The controls in place on the quality of development and security testing on these products has a long way to go. There are two main issues here. 1) The device can be used to snoop on other devices in the network or to install additional software on those devices 2) The device can be used as part of a wider net of IoT (smart) devices for other nefarious purposes (Such as DDoS attacks). If users are going to install smart .....Read More
This is one of the major issues with so called “smart devices”. The controls in place on the quality of development and security testing on these products has a long way to go. There are two main issues here. 1) The device can be used to snoop on other devices in the network or to install additional software on those devices 2) The device can be used as part of a wider net of IoT (smart) devices for other nefarious purposes (Such as DDoS attacks). If users are going to install smart devices on their home networks I would highly recommend enabling guest Wifi access (if their router supports it) and only connect your smart devices to the guest network. That way your personal devices will have some protection by keeping that level of separation. This does not stop the devices being infected and used for other purposes.  Read Less
February 06, 2020

What Expert Says On 500,000+ Bitbucket Hosts Have Been Infected With Malware
The type of data exposed – names, dates of births, social security numbers – is a treasure trove for cyber criminals.
This breach is another example of how in today’s digital world an increasing volume of personally identifying information is being harvested whenever we interact with organisations online. If this data isn’t strongly secured, and it often isn’t, the information can easily end up in the hands of cyber criminals or on the dark web. The type of data exposed – names, dates of births, social security numbers – is a treasure trove for cyber criminals to launch phishing attacks or other.....Read More
This breach is another example of how in today’s digital world an increasing volume of personally identifying information is being harvested whenever we interact with organisations online. If this data isn’t strongly secured, and it often isn’t, the information can easily end up in the hands of cyber criminals or on the dark web. The type of data exposed – names, dates of births, social security numbers – is a treasure trove for cyber criminals to launch phishing attacks or other sophisticated social engineering exploits that can lead to fraud and identity theft.  Read Less
January 31, 2020

Experts On Data Breach At Indian Airline SpiceJet Affects 1.2 Million Passengers
In addition, it would be interesting to know if SpiceJet were even aware of the access attempts.
This is another example of lack of basic security controls. Anything that contains customer data should not be "protected" (or not as the case may be) behind a simple, easily guessable password. This does not follow the Spicejet Spokespersons response stating "we [Spicejet] undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level. Some possible measures would be complex, frequently changed password (minimum) .....Read More
This is another example of lack of basic security controls. Anything that contains customer data should not be "protected" (or not as the case may be) behind a simple, easily guessable password. This does not follow the Spicejet Spokespersons response stating "we [Spicejet] undertake every possible measure to safeguard and protect this data and ensure that the privacy is maintained at the highest and safest level. Some possible measures would be complex, frequently changed password (minimum) or better still MFA for access to this customer data. In addition, it would be interesting to know if SpiceJet were even aware of the access attempts. If not then modern security analytics solutions are available to provide the visibility required to identify and mitigate these threats quickly.  Read Less
January 31, 2020

Comment: Wordpress Plugin Bug Exposes 200K+ Sites
This CSRF "flaw allowed attackers to forge a request on behalf of an administrator and inject code on a vulnerable site.
A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. According to the active installations count on its WordPress library entry, the open-source Code Snippets plugin is currently used by more than 200,000 websites.he vulnerability tracked as CVE-2020-8417 and rated as high severity was patched with the release of version 2.14.0 on January .....Read More
A high severity cross-site request forgery (CSRF) bug allows attackers to take over WordPress sites running an unpatched version of the Code Snippets plugin because of missing referer checks on the import menu. According to the active installations count on its WordPress library entry, the open-source Code Snippets plugin is currently used by more than 200,000 websites.he vulnerability tracked as CVE-2020-8417 and rated as high severity was patched with the release of version 2.14.0 on January 25, two days after it was discovered and reported to the plugin's developer by Wordfence's Threat Intelligence team. This CSRF "flaw allowed attackers to forge a request on behalf of an administrator and inject code on a vulnerable site," allowing potential attackers to remotely execute arbitrary code on websites running vulnerable Code Snippets installation. These malicious requests could be used by the attackers to inject malicious code to be executed on the site thus making it possible to create a new administrative account on the site, exfiltrate sensitive information, infect site users, and much more. The full story can be found here: https://www.bleepingcomputer.com/news/security/200k-wordpress-sites-exposed-to-takeover-attacks-by-plugin-bug/  Read Less
January 28, 2020

Experts On Gedia Automotive Group Hit By Massive Cyber Attack That Shuts Down IT Operations
Utilise good endpoint protection
Companies can protect themselves better following some basic, standard tactics 1) Ensure good and regular backups are available to be able to recover quickly. 2) Utilise good endpoint protection 3) User awareness of phishing attacks and how to identify them 4) Ensure as much visibility of their infrastructure and users behaviour as possible to allow issues to be identified.
January 23, 2020

Experts On UPS Reveals Phishing Attack Might Have Exposed Customer Information
Providing protection against credential misuse by deploying MFA/Advanced authentication is one of the primary protections.
Here we have another example of the most common issue facing companies today - phishing attacks that allow bad actors to breach corporate systems. It is clear that phishing is never going to be eradicated so companies need to do all they can to protect against it. The challenge is there are many ways that bad actors breach systems using phishing. Providing protection against credential misuse by deploying MFA/Advanced authentication is one of the primary protections. In addition, companies.....Read More
Here we have another example of the most common issue facing companies today - phishing attacks that allow bad actors to breach corporate systems. It is clear that phishing is never going to be eradicated so companies need to do all they can to protect against it. The challenge is there are many ways that bad actors breach systems using phishing. Providing protection against credential misuse by deploying MFA/Advanced authentication is one of the primary protections. In addition, companies should ensure they have full visibility of users accounts, entitlements and behaviour with the ability to spot anomalous and risk behaviour quickly and remediate.  Read Less
November 19, 2019

Experts Comments On Macy’s Customer Payment Info Stolen In Magecart Breach
Identifying anomalous traffic quickly and taking action can reduce the impact of such attacks.
Mergecart attacks in action again. A number of organisations have been compromised in this way, including the 2019 British Airways breach. Managing and controlling what can and cannot be run on your website is critical in ensuring the security of your customers' data. Likewise having the capability to monitor behaviour and traffic to and from your estate is becoming a must. Identifying anomalous traffic quickly and taking action can reduce the impact of such attacks.