Information Security Buzz
Expert(s): November 30, 2020
Laurence Pitt
Global Security Strategy Director
Juniper Networks

Comments Dotted : 12
September 16, 2020

Experts Reaction On Staples Data Breach

Any breach in which personal data is stolen needs to be treated as highly serious and punishable.
Many people will see this as a relief that ‘only names, email addresses, and phone numbers’ were shared – their credit cards are safe and their transactions remain a secret. However, this is not the case. These pieces of PII still have value on the black market and can be used in order to gain access to other, and perhaps more sensitive, information. The combination of ‘email address and telephone number’, for example, would be a great start for anyone attempting takeover attacks on personal data. It’s about time that we stopped ranking personal data theft on perceived severity. Any breach in which personal data is stolen needs to be treated as highly serious and punishable. Then, maybe people will be more careful about what databases are left around for people to find.

July 23, 2020

Cybersecurity Experts on findings of Skybox Security 2020 Vulnerability and Threat Trends Report

The money saved from people who decide not to return to the office must be invested in ensuring they are safely working from home.
The increase in mobile vulnerabilities highlights what will be an ongoing challenge to security teams. We have been successful in moving users from the office to remote working, but users at home need to be treated differently from when they are working in an office. Home IoT devices, family members using computers and even home broadband/Wi-Fi connections all are outside corporate visibility and introduce a new attack vector that needs to be managed. For many users, a simple VPN is no longer enough. The money saved from people who decide not to return to the office must be invested in ensuring they are safely working from home.

July 14, 2020

Expert Reaction On Millions of LiveAuctioneers Passwords for Sale

Laurence Pitt, Global Security Strategy Director at Juniper Networks
“While there is nothing to say that the stolen data came from a single breach, what this emphasizes is the need for people to regularly update passwords and use 2FA wherever possible. With tools like Microsoft Authenticator and 1-Password making this so easy, there’s really no excuse for old and recycled passwords today. The unfortunate reality is that hackers will steal whatever data they can lay their hands on and sell to the highest bidder. As the end user, this means we must take responsibility for ensuring that our personal accounts/data and profiles are well-protected with regularly updated and non-recycled passwords.”

July 01, 2020

GDPR Breach Notifications Rising – Expert Reaction

Pre-GDPR, many of these could have remained private.
The number of breaches reported is only impressive because of growth. What’s more interesting is the type of breaches reported. Pre-GDPR, many of these could have remained private. According to this report, the top sources for a breach are hacking and scams, sending emails to the wrong people (likely CC instead of BCC), loss of unsecured devices and inadequate security on internet available data. In three out of four key breach sources, the cause was improper security basics – lack of security awareness, lack of security management, weak password and weak hygiene standards. The result is three out of four GDPR notifications were entirely preventable, if a little more time had been spent on cybersecurity basics.

June 30, 2020

Over 100k Daily Brute-force Attacks On RDP In Pandemic Lockdown – Expert Reaction

It is an invitation for anyone walking by to pop in, take what they want and mess up everything else.
Attacks using RDP are not a new problem, but one made worse by the number of RDP ports that have been exposed to the internet in recent months. According to some statistics, they have increased by around 50%. More ports equates to more opportunity for the bad guys. Reducing the risk of attack is not complicated, as these attacks are either taking advantage of well-known existing exploits, such as Bluekeep, or weak passwords on devices. The prevention method is to ensure that you apply the latest patches on all devices and introduce good, strong and, ideally, centrally-managed password hygiene. Leaving RDP unpatched, with a simple password, is like going out and leaving the front door of the house unlocked and open. It is an invitation for anyone walking by to pop in, take what they want and mess up everything else.

June 01, 2020

Over Half Of Work-from-home Staff Believe Riskier Cybersec Behaviors Are Ok – Experts Reaction

Security awareness is important for home workers.
This COVID-19 situation will drive changes in remote working policies not just to be better prepared for the future, but also because it’s likely that many users will find that working from home is something they want to do more regularly, once it becomes optional again. Many organizations already have flexible and detailed policies in-place, but it would still be highly recommended to dust them off and make sure everything is up to date. For those that are being challenged today, this will be an opportunity to create a modern policy that supports users and their work. It will need to include technical requirements, such as home-working equipment, methods of access, VPN and multi-factor locational requirements. Security awareness is important for home workers. It’s easy to be briefly distracted at home by a website you might not normally access in the office, perhaps to show your children something. However, home workers need to be (made) aware of the types of scams that will be targeted at them and how spending more time at home can make them a more likely target.

April 26, 2020

Cyber-Attacks On WHO Increase 5X – Expert Insight

For an attacker, the theft of email addresses from WHO is valuable.
Organizations such as WHO will be targets because they are very visible to the current crisis and will be taking in large numbers of new, global contact details as they bring everyone together to work toward a solution. For an attacker, the theft of email addresses from WHO is valuable because they would expect for the list to contain up-to-date and relevant details that can be leveraged in the generation of scams and phishing campaigns. But migration of affected systems after an attack is a response, not a solution. Any organization dealing with current, relevant personal details should be reviewing data security and looking to airgap, encrypt or add additional security, in order to prevent a breach from occurring in the first place.

March 25, 2020

Hackers Hijack Routers To Spread Malicious COVID-19 Apps – Networks Expert Comments

Most internet providers today provide routers that have a decent strength default security setup.
This attack highlights the need for people to make sure they change the default username/password for their home router, as a number of the affected users admitted having a weak or default combination. Most internet providers today provide routers that have a decent strength default security setup. It appears that this attack has targeted a certain brand of router that would also indicate that users have left the default admin/password combination to access the device.
December 21, 2019

2020 Cybersecurity Landscape: 100+ Experts’ Predictions

The Masad Stealer attack, reported by Juniper Threat Labs in late 2019.
Any threat that costs money, and especially where it affects public money (government and healthcare) will remain newsworthy. We’ll see more attacks using common vectors, such as phishing, download via malvertising, etc., but also attacks that use old methods with new vectors. The Masad Stealer attack, reported by Juniper Threat Labs in late 2019, is a good example of this, where data (and money) was stolen via malware injected into a used and respected piece of software.
October 09, 2019

Experts On Credit Information Exposed In TransUnion Credit Stuffing Attack

It should only have been possible to access this sensitive data remotely using a corporate device.
Whatever the cause of the attack, however, organizations need to be more careful of protecting data in all states – whether at rest or on the move. It should only have been possible to access this sensitive data remotely using a corporate device, and through a VPN client, to ensure that authentication and the records accessed could be logged. In addition the use of a CASB (Cloud Access Security Broker) could have ensured not only a secure connection, but also detected any anomalous data access by the user as they downloaded the records – then shut down the connection and raise a security alert.

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.