Information Security Buzz
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • Register
  • Log In
Top Posts
Data Loss Prevention: Artificial Intelligence vs. Human Insight
Expert On How The UK Police Data Loss...
Cyber Criminals Left Stolen Phishing Credentials Exposed To...
Cyber Expert On Malware Found On Laptops Provided...
OpenText Research Offers A Snapshot Of UK Attitudes...
How Much Are You Worth On The Dark...
Experts Reaction On World Economic Forum 2021 Report...
Major Security Flaws Found In Signal And other...
Comment On IoT Risks Of Peloton Bike
Top‌ ‌3‌ ‌Priorities‌ ‌For‌ ‌CISOs’‌ ‌2021‌ ‌Security‌ ‌Programs
Information Security Buzz

Connecting Security Experts

  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • Register
  • Log In
Expert(s): November 30, 2020
Jake Moore
Cybersecurity Specialistfeature_status*/ ?>
ESET

Comments Dotted : 278
January 22, 2021

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Gamarue.1 is an old virus from quite a few years ago.

It is particularly worrying that some laptops being prepared to hand out to students contain a virus, as one would have thought a proper scan would have highlighted this concern at an earlier stage. However, it is not uncommon to have remnants of computer viruses on second hand machines – which therefore further emphasizes the importance of a thorough scan for malicious software before the initial use.

 

Any good anti malware product would have detected this worm, highlighting how vital it is

.....Read More

It is particularly worrying that some laptops being prepared to hand out to students contain a virus, as one would have thought a proper scan would have highlighted this concern at an earlier stage. However, it is not uncommon to have remnants of computer viruses on second hand machines – which therefore further emphasizes the importance of a thorough scan for malicious software before the initial use.

 

Any good anti malware product would have detected this worm, highlighting how vital it is to have good internet security on all laptops. Gamarue.1 is an old virus from quite a few years ago, but it still has the potential to be dangerous by disabling some functions or hijacking certain permissions to harvest personal information on the device, including passwords. If left untouched, it could also copy itself onto USBs or other connected devices.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Gamarue.1 is an old virus from quite a few years ago...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/cyber-expert-on-malware-found-on-laptops-provided-by-government-for-home-schooling

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Gamarue.1 is an old virus from quite a few years ago...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/cyber-expert-on-malware-found-on-laptops-provided-by-government-for-home-schooling

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 21, 2021

Major Security Flaws Found In Signal And other Video Chat Apps

Signal is open source which makes it easier to patch and keeps costs down.

Google’s Project Zero research team do a magnanimous job in keeping possible threats from hitting our phones. Vulnerabilities that can occur without even requesting that the victim touch their device have the capability of causing havoc around the world, so it is vital that teams such as this continue to test and patch any zero-day threats they uncover. These threats are usually patched very quickly. Plus, Signal is open source which makes it easier to patch and keeps costs down.

 

In recent

.....Read More

Google’s Project Zero research team do a magnanimous job in keeping possible threats from hitting our phones. Vulnerabilities that can occur without even requesting that the victim touch their device have the capability of causing havoc around the world, so it is vital that teams such as this continue to test and patch any zero-day threats they uncover. These threats are usually patched very quickly. Plus, Signal is open source which makes it easier to patch and keeps costs down.

 

In recent years we have seen problems arise from similar zero-click threats such as the infamous Pegasus spyware, but luckily for us this spyware and the threats uncovered by the Project Zero team have all since been patched, so make sure you always keep all your apps’ and your device’s operating system up to date.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Signal is open source which makes it easier to patch and keeps costs down...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/major-security-flaws-found-in-signal-and-other-video-chat-apps

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Signal is open source which makes it easier to patch and keeps costs down...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/major-security-flaws-found-in-signal-and-other-video-chat-apps

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 20, 2021

Experts Reaction On New Chrome Update To Boost Password Security

Passwords are in desperate need of an overhaul.

Password security remains a huge challenge for organisations around the world and a massive threat to individuals too. One of the biggest challenges facing new users with a password manager is the thought of it taking them too long or being difficult to set up. One trap people still fall into is using the same or a variation of the same password across their online accounts which brings all sorts of problem. Passwords are in desperate need of an overhaul therefore this new move by Google may be

.....Read More

Password security remains a huge challenge for organisations around the world and a massive threat to individuals too. One of the biggest challenges facing new users with a password manager is the thought of it taking them too long or being difficult to set up. One trap people still fall into is using the same or a variation of the same password across their online accounts which brings all sorts of problem. Passwords are in desperate need of an overhaul therefore this new move by Google may be the first step in making things easier for people in using unique, strong passwords.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Passwords are in desperate need of an overhaul...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-new-chrome-update-to-boost-password-security

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Passwords are in desperate need of an overhaul...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-new-chrome-update-to-boost-password-security

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 19, 2021

Experts Insight On Hackers Exploiting The Windows Finger Feature

Recruiters may want to request CVs are attached as PDFs as they are not required to be edited.

Phishing emails can often be quite easy to spot, but when CVs are attached to emails and sent to HR departments seemingly innocently, the chance of an exploit is heightened. Locating malware in macros in Word documents is nothing new, but this malware is particularly damaging as it can be deployed by just enabling the editing function.

 

Recruiters may want to request CVs are attached as PDFs as they are not required to be edited. Furthermore, it would be a good idea for administrators to block

.....Read More

Phishing emails can often be quite easy to spot, but when CVs are attached to emails and sent to HR departments seemingly innocently, the chance of an exploit is heightened. Locating malware in macros in Word documents is nothing new, but this malware is particularly damaging as it can be deployed by just enabling the editing function.

 

Recruiters may want to request CVs are attached as PDFs as they are not required to be edited. Furthermore, it would be a good idea for administrators to block the rarely used command.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Recruiters may want to request CVs are attached as PDFs as they are not required to be edited...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-hackers-exploiting-the-windows-finger-feature

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Recruiters may want to request CVs are attached as PDFs as they are not required to be edited...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-hackers-exploiting-the-windows-finger-feature

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 19, 2021

AnyVan Confirms Breach – Experts Reation

The ICO may state that if ‘a risk is unlikely’ to occur then it shouldn’t need to report it.

Although such data stolen may sound trivial, a cryptographic hash of a password could still be reverse engineered back to its original state. Therefore, if a password has been used before, by you or anyone else for that matter, it could be reversed back into the password it was before it was encrypted. This, alongside a name and email, could be all it takes for threat actors to get into other accounts if people reuse their passwords across their online accounts. The ICO may state that if ‘a

.....Read More

Although such data stolen may sound trivial, a cryptographic hash of a password could still be reverse engineered back to its original state. Therefore, if a password has been used before, by you or anyone else for that matter, it could be reversed back into the password it was before it was encrypted. This, alongside a name and email, could be all it takes for threat actors to get into other accounts if people reuse their passwords across their online accounts. The ICO may state that if ‘a risk is unlikely’ to occur then it shouldn’t need to report it but this sort of wording makes it all the more of a danger to those who have been breached and companies must do what they can to better protect their customers’ data.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The ICO may state that if ‘a risk is unlikely’ to occur then it shouldn’t need to report it...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/anyvan-confirms-breach-experts-reation

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The ICO may state that if ‘a risk is unlikely’ to occur then it shouldn’t need to report it...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/anyvan-confirms-breach-experts-reation

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 19, 2021

Scottish Environment Agency Continues To Suffer Following Christmas Eve Ransomware Attack

Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome.

Nowadays, threat actors specialising in ransomware tend not to stop at the first set of ransom demands. It can be far more lucrative if these criminals also release some of the stolen data on the dark web – and far more damaging to the organisation targeted. 

 

Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome if they are, unfortunately, attacked. Although it is nearly impossible to locate suspects in cyber offences, such a

.....Read More

Nowadays, threat actors specialising in ransomware tend not to stop at the first set of ransom demands. It can be far more lucrative if these criminals also release some of the stolen data on the dark web – and far more damaging to the organisation targeted. 

 

Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome if they are, unfortunately, attacked. Although it is nearly impossible to locate suspects in cyber offences, such a release of data should be treated as a credible threat, which far too often leaves organisations stuck between a rock and a hard place. 

 

We are now seeing a rise in this doubly impactful use of ransomware that can be highly lucrative for criminal gangs. Therefore, companies and individuals must be on even higher alert to phishing attempts, which are still the most likely attack vector.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/scottish-environment-agency-continues-to-suffer-following-christmas-eve-ransomware-attack

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/scottish-environment-agency-continues-to-suffer-following-christmas-eve-ransomware-attack

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 15, 2021

Expert Reaction On Microsoft Remained Most-spoofed Brand At End Of 2020

Phishing emails are often inevitable.

Unfortunately, threat actors continue to hide behind and exploit well-known brand names because it is so highly effective. However, companies that are highly targeted, such as Microsoft and DHL, can offer some reassurance to their customers by adhering to a few basic rules. 

 

While reminding their customers that phishing emails are often inevitable, these organisations must attempt to reduce the number of links in their own, legitimate messages, as this will mean that phishing emails look less

.....Read More

Unfortunately, threat actors continue to hide behind and exploit well-known brand names because it is so highly effective. However, companies that are highly targeted, such as Microsoft and DHL, can offer some reassurance to their customers by adhering to a few basic rules. 

 

While reminding their customers that phishing emails are often inevitable, these organisations must attempt to reduce the number of links in their own, legitimate messages, as this will mean that phishing emails look less authentic.  

 

If links have to be sent within any communications – such as redelivery links – then companies must reduce the amount of personal data required and, at the same time, remind their customers that they will never ask for anything else, especially payment.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Phishing emails are often inevitable...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-reaction-on-microsoft-remained-most-spoofed-brand-at-end-of-2020

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Phishing emails are often inevitable...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-reaction-on-microsoft-remained-most-spoofed-brand-at-end-of-2020

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 13, 2021

Experts Commentary On DarkMarket Being Taken Down By Europol

are starting to see them make use of other anonymous networks such as Signal and Telegram, taking advantage of functions like disappearing messages.

With the growth of anonymized networks, it is inevitable that we will continue to see demand for the dark web and other unidentifiable platforms for the sale of illicit drugs and other contraband. However, the golden age of dark web markets is slowly coming to an end as law enforcement tactics improve and agencies around the world work together.

 

Even if the anonymity cloak on the dark web isn’t yet fully off, the criminal fraternity is are often one step ahead – and we are starting to see

.....Read More

With the growth of anonymized networks, it is inevitable that we will continue to see demand for the dark web and other unidentifiable platforms for the sale of illicit drugs and other contraband. However, the golden age of dark web markets is slowly coming to an end as law enforcement tactics improve and agencies around the world work together.

 

Even if the anonymity cloak on the dark web isn’t yet fully off, the criminal fraternity is are often one step ahead – and we are starting to see them make use of other anonymous networks such as Signal and Telegram, taking advantage of functions like disappearing messages.

 

The inherent link to cryptocurrencies makes the dark web a perfect breeding ground for nefarious trading, but there are no securities in place when transactions go wrong. This only helps criminals who can hide in the shadows without the risk of capture.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"are starting to see them make use of other anonymous networks such as Signal and Telegram, taking advantage of functions like disappearing messages...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-commentary-on-darkmarket-being-taken-down-by-europol

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"are starting to see them make use of other anonymous networks such as Signal and Telegram, taking advantage of functions like disappearing messages...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-commentary-on-darkmarket-being-taken-down-by-europol

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 13, 2021

Far Right Platform Parler Under Cyberattack

This attack does not seem so far to be too sophisticated.

This is yet another reminder that cybercriminals target current and newsworthy platforms for bigger exposure.

 

This attack does not seem so far to be too sophisticated, although it does highlight how threat actors will attempt whatever they can to achieve a relevant goal. This now stolen data could be manipulated in extreme circumstances, but this would be unlikely.

 

However, what makes this slightly more perturbing is the way the breach was able to carve out deleted posts on top of live posts

.....Read More

This is yet another reminder that cybercriminals target current and newsworthy platforms for bigger exposure.

 

This attack does not seem so far to be too sophisticated, although it does highlight how threat actors will attempt whatever they can to achieve a relevant goal. This now stolen data could be manipulated in extreme circumstances, but this would be unlikely.

 

However, what makes this slightly more perturbing is the way the breach was able to carve out deleted posts on top of live posts

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"This attack does not seem so far to be too sophisticated...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/far-right-platform-parler-under-cyberattack

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"This attack does not seem so far to be too sophisticated...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/far-right-platform-parler-under-cyberattack

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 13, 2021

SaferVPN Hit By Major Security Vulnerability

It is disappointing to learn that this was not updated within the 90 day disclosure time.

With VPN usage more important than ever due to mass remote working, it is vital these vulnerabilities are patched at the earliest opportunity, so it is disappointing to learn that this was not updated within the 90 day disclosure time. However, this also highlights the time and expertise being spent on targeting all aspects of information security. With millions now at home, VPN usage has increased dramatically, which has put a dent in threat actors’ attack vectors. The sophistication of

.....Read More

With VPN usage more important than ever due to mass remote working, it is vital these vulnerabilities are patched at the earliest opportunity, so it is disappointing to learn that this was not updated within the 90 day disclosure time. However, this also highlights the time and expertise being spent on targeting all aspects of information security. With millions now at home, VPN usage has increased dramatically, which has put a dent in threat actors’ attack vectors. The sophistication of these actors should never be underestimated and it is everyone’s responsibility to patch security vulnerabilities as soon as possible.

  Read Less
Like(0)  (0)

Linkedin Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"It is disappointing to learn that this was not updated within the 90 day disclosure time...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/safervpn-hit-by-major-security-vulnerability

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Jake Moore, Cybersecurity Specialist, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"It is disappointing to learn that this was not updated within the 90 day disclosure time...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/safervpn-hit-by-major-security-vulnerability

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.

SECURELY DOTTED BY

Matias Madou, Co-founder and CTO, Secure Code Warrior

"It’s imperative that all developers are trained in how to code securely from the outset. "

Expert On How The UK Police Data Loss Could Have Been Easily Prevented

Stephen Kapp, CTO and Founder, Cortex Insight

"Pixlr should look to improve its internal processes by holding user information. "

Expert Commentary: Hacker Posts 1.9 Million Pixlr User Records For Free On Forum

George Glass, Head of Threat Intelligence, Redscan

"Gamarue is able to spread across a user’s local network and is also capable of installing additional strains of malware. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Jake Moore, Cybersecurity Specialist, ESET

"Gamarue.1 is an old virus from quite a few years ago. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Niamh Muldoon, Senior Director of Trust and Security EMEA, OneLogin

"New and young students using online learning for the first time are most vulnerable. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Chris Hauk, Consumer Privacy Champion, Pixel Privacy

"All computers, no matter the make, model, or operating system should run some type of antivirus or anti-malware protection. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Chris Hauk, Consumer Privacy Champion, Pixel Privacy

"Department of Education should be putting security parameters. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Sam Curry, Chief Security Officer, Cybereason

"The National Cyber Security Centre offer free advice on secure home working. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Brian Higgins, Security Specialist, Comparitech.com

"The potential for malicious software to be used against recipients is not limited to the children. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Chloé Messdaghi, VP of Strategy, Point3 Security

"The attack approach was also clever. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Saryu Nayyar, CEO, Gurucul

"Organizations still need to maintain strong perimeter and interior defenses. "

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

Oliver Cronk, Chief IT Architect, EMEA, Tanium

"This story is part of a wider challenge facing schools at the moment. "

Cyber Expert On Malware Found On Laptops Provided By Government For Home-schooling

Andy Teichholz, Senior Industry Strategist, Compliance and Legal, OpenText

"In our new digital economy, people around the world are becoming acutely aware of how their information is being collected, stored, and used. "

OpenText Research Offers A Snapshot Of UK Attitudes Towards Data Privacy

Lou Blatt, Senior Vice President and CMO, OpenText

"Digital is now central to almost every business interaction – generating more data for companies to manage and secure. "

OpenText Research Offers A Snapshot Of UK Attitudes Towards Data Privacy

Greg Bell, CEO, Corelight

"This type of network infiltration is often difficult to identify. "

A Chinese Hacking Group Is Stealing Airline Passenger Details

WORKING WITH US

About Us

Advertise With Us

Information Security Companies

Contact Us

THE PAGES

Privacy Policy

Terms & Conditions

RSS Feeds

INFORMATION SECURITY EXPERTS

Information Security Experts: Comments Dotted

Register and Comments

Categories

  • Facebook
  • Twitter

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.


Back To Top
Information Security Buzz
  • Home
  • Experts Comments on News
  • Security Articles
  • Vendor News
  • Study & Research
  • ISBuzz Expert Panel