Information Security Buzz
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Top Posts
Debunking Three Cyber Insurance Myths For SMEs
Experts On Russia Being Held Accountable For SolarWinds
Security Expert Re: NSA Urges Organizations To Patch...
How To Protect Your Enterprise When You Can’t...
Expert Insights: Dir Nat’l Intelligence Releases Annual Threat...
Expert Advice Developers to Improve Software Security After...
Expert Reaction on Research that Coronavirus Triggering Surge...
Expert Comment On DPC Facebook Investigation
Apple Quietly Updated Some Of Its Top Hardware...
Security Researcher “Chrome 0day” Tweet – Expert Insight
Information Security Buzz
Connecting Security Experts
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Expert(s): November 30, 2020
Chloé Messdaghi
VP of Strategyfeature_status*/ ?>
Point3 Security

Comments Dotted : 62
April 05, 2021

Expert Reaction On Broward District Attacker Demanded $40Mil Ransom

The securing of kids’ identities is another critical element in securing our future.

This particular threat actor group is woefully underinformed, and based on their ransomware assumptions, is likely not from the US.

 

US school districts may appear to some have large budgets, but almost all of those budgets are committed to ongoing expenses that are deeply and contractually committed. There’s little to no discretionary budget, and even core resources are underfunded.  Not all that long ago, my public school textbooks were covered in years’ worth of markings from other

.....Read More

This particular threat actor group is woefully underinformed, and based on their ransomware assumptions, is likely not from the US.

 

US school districts may appear to some have large budgets, but almost all of those budgets are committed to ongoing expenses that are deeply and contractually committed. There’s little to no discretionary budget, and even core resources are underfunded.  Not all that long ago, my public school textbooks were covered in years’ worth of markings from other students, and were written decades ago, back in the 70s and 80s. 

 

That the threat actors asked for $40 million and said they’d done their research merely proved that they were grossly uninformed. Asking for such an amount and saying you’ve done the research shows that.

 

Demanding such high ransomware from a school district also shows the worst of criminal intent – especially at a time when schools are struggling to sustain education in the midst of the pandemic, while taking on the added missions of reaching those kids suffering from food insecurity and unsafe home lives. Every independent security researcher and legitimate hacker group out there is trying to prevent exactly this sort of problem.

 

This attack underscores why cybersecurity for our public schools and local governmental agencies Must be part of the Infrastructure bill now being debated. 

 

The commercial and industrial sectors are learning that if they don’t invest in cybersecurity, they ultimately don’t have a product. The same holds true for the public sector – if local and state governments don’t invest in cybersecurity, they can’t effectively offer services and protect citizens’ data. Ultimately it impedes their ability to serve democracy on even the most basic levels, including protecting our childrens’ futures and offering fair and honest elections.

 

School systems will remain top targets, both because they don’t have the funds or resources to put security first, and because the PII of children can be so lucrative.

 

Once threat actors get ahold of kids identities, they can take advantage and place victims’ lives and well-being at risk, both immediately and then down the road. The first clue a child might get that their identity has been stolen could be years down the road, when they’re turned down for college loans or credit. Kids have become automatic targets at young age.

 

Now more than ever, we’ve got to support school infrastructures, including development of urgently needed cybersecurity infrastructure.

 

It’s understood and is heartening that the massive infrastructure bill now being debated includes funding for cleaner and less plastic-laden water, safer transportation, the addressing of racial opportunity inequities, cleaner air and other urgent needs. The securing of kids’ identities is another critical element in securing our future, and that starts with establishing the cybersecurity infrastructure of our local school districts and local governmental cybersecurity.

 

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The securing of kids’ identities is another critical element in securing our future...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-reaction-on-broward-district-attacker-demanded-40mil-ransom

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The securing of kids’ identities is another critical element in securing our future...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-reaction-on-broward-district-attacker-demanded-40mil-ransom

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
February 12, 2021

Singtel Cyberattack Via 3rd Party Accellion File Sharing System – Experts Perspective

The fact is that breaches are going to happen, and possibly through a 3rd party.

The Accellion file transfer product used by Sintel is 20 years old, and continues to be used by many organizations in the financial, governmental and commercial sector to transfer large files, despite Accellion’s offering of newer and more secure file sharing solutions.  That’s problematic – it’s the kind of decision that puts companies at sharply increased risk.  The fact is that breaches are going to happen, and possibly through a 3rd party.

 

The takeaway is that when a company pushes out

.....Read More

The Accellion file transfer product used by Sintel is 20 years old, and continues to be used by many organizations in the financial, governmental and commercial sector to transfer large files, despite Accellion’s offering of newer and more secure file sharing solutions.  That’s problematic – it’s the kind of decision that puts companies at sharply increased risk.  The fact is that breaches are going to happen, and possibly through a 3rd party.

 

The takeaway is that when a company pushes out security updates and urges their customers to adopt them, companies then need to take that advice and implement them. Like patches, product upgrades are crucial to sustaining a strong security posture.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The fact is that breaches are going to happen, and possibly through a 3rd party...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/singtel-cyberattack-via-3rd-party-accellion-file-sharing-system-experts-perspective

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The fact is that breaches are going to happen, and possibly through a 3rd party...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/singtel-cyberattack-via-3rd-party-accellion-file-sharing-system-experts-perspective

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
February 11, 2021

Experts Reaction On 2021 Credential Stuffing Report Highlighting Poor Security Practices

Invest in detection tools, backups, and encryption – all of which are essential and should be universally employed at this point.

These statistics paint a useful picture of the crisis we’re in, but they also show that too many organizations are still running ad hoc and expanding the problem because they don’t know in a timely way when breaches happen. There are four simple steps that every organization should take. The first is passwords – company and customer account passwords should never have less than 20 characters because they’re just too easy to crack. Companies need to enforce stricter password policies,

.....Read More

These statistics paint a useful picture of the crisis we’re in, but they also show that too many organizations are still running ad hoc and expanding the problem because they don’t know in a timely way when breaches happen. There are four simple steps that every organization should take. The first is passwords – company and customer account passwords should never have less than 20 characters because they’re just too easy to crack. Companies need to enforce stricter password policies, both for the good of the organization and for their customers’ sakes. Everyone should be using password managers at this point, and also be warned never to reuse a password on or from any other account. It’s just too easy for passwords to get stolen and exploited, and yet people still reuse their favorite passwords across accounts.

 

Second, MFA needs to be enabled and required, and not just SMS, but MFA that allows the user to take advantage of an MFA app. Third, security must be embedded during site development. If an organization is using open source code, they need to invest in scanning to ensure that it’s safe, and remember that anything you use for free needs an investment behind it. Last, invest in detection tools, backups, and encryption – all of which are essential and should be universally employed at this point.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Invest in detection tools, backups, and encryption – all of which are essential and should be universally employed at this point...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-2021-credential-stuffing-report-highlighting-poor-security-practices

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Invest in detection tools, backups, and encryption – all of which are essential and should be universally employed at this point...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-2021-credential-stuffing-report-highlighting-poor-security-practices

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
February 10, 2021

Hacker Breached Florida Treatment Plant To Poison The Water Supply

The area this happened it has a high population of children, and it’s disturbing to think someone would attempt to do harm like this.

The thing we need to understand is that you don’t have to be a highly skilled attacker to be able to successfully breach a system like this. Although alarms would’ve been triggered before any dangerous water reached anyone’s taps, this plant was very lucky that the worker noticed his mouse moving and was able to address it quickly. Water plants are not known for their security resources, and between budget cuts and COVID keeping people working remotely, they’re even more vulnerable.

.....Read More

The thing we need to understand is that you don’t have to be a highly skilled attacker to be able to successfully breach a system like this. Although alarms would’ve been triggered before any dangerous water reached anyone’s taps, this plant was very lucky that the worker noticed his mouse moving and was able to address it quickly. Water plants are not known for their security resources, and between budget cuts and COVID keeping people working remotely, they’re even more vulnerable. It’s becoming easier and easier to access systems like these by people who have hardly any experience at all.

 

The area this happened it has a high population of children, and it’s disturbing to think someone would attempt to do harm like this.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The area this happened it has a high population of children, and it’s disturbing to think someone would attempt to do harm like this...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/hacker-breached-florida-treatment-plant-to-poison-the-water-supply

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The area this happened it has a high population of children, and it’s disturbing to think someone would attempt to do harm like this...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/hacker-breached-florida-treatment-plant-to-poison-the-water-supply

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
February 10, 2021

Expert On ESET Report Shows 768% Growth In RDP Attacks

And 29B attempted attacks for the year is a reminder that the bad guys never take a break.

I love that they actually got the statistic – 768% increase in remote desktop attacks. That’s definitely a number we need to be paying attention to. And 29B attempted attacks for the year is a reminder that the bad guys never take a break. A few things everyone should remember:

  1. Password security is crucial. Make them long, make them different, make them strong. Have a password manager. Use 2FA (or MFA) to help add that extra layer of security. And please, don’t click on anything without
.....Read More

I love that they actually got the statistic – 768% increase in remote desktop attacks. That’s definitely a number we need to be paying attention to. And 29B attempted attacks for the year is a reminder that the bad guys never take a break. A few things everyone should remember:

  1. Password security is crucial. Make them long, make them different, make them strong. Have a password manager. Use 2FA (or MFA) to help add that extra layer of security. And please, don’t click on anything without verifying it with the sender first.
  2. Have a playbook. And make sure it’s kept up to date. If you don’t have a playbook you likely don’t know what you’re up against, which also means you’ll be up against that “something” sooner than you think.

As most of us continue to work remotely, double checking files and links is an extra step. You can’t just yell across the hall, or visit someone else at their desk. Doing any IT troubleshooting is sometimes more difficult as well. As convenient as we’ve made working remotely, it still presents these extra steps to help stay secure that some people aren’t yet willing to continue to do every single time. Be paranoid. As weird as you might feel, always be paranoid. When you let your guard down is when you fall victim.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"And 29B attempted attacks for the year is a reminder that the bad guys never take a break...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-on-eset-report-shows-768-growth-in-rdp-attacks

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"And 29B attempted attacks for the year is a reminder that the bad guys never take a break...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-on-eset-report-shows-768-growth-in-rdp-attacks

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
February 10, 2021

mHealth App APIs Vulnerable To Attacks Exposing PII & PHI – Experts Insight

Many of these types of apps don’t have strong security.

mHealth apps – even before the pandemic – have had real problems with security. Unfortunately, many of these types of apps don’t have strong security – they don’t allow MFA, they only require short passwords, and of course, the API-related issues this researcher has underscored. As stated in the report, we’re seeing people using healthcare apps even more now as a necessity driven by the pandemic.

 

Another area of vulnerability is how the apps are put together. Are they using OS software? If

.....Read More

mHealth apps – even before the pandemic – have had real problems with security. Unfortunately, many of these types of apps don’t have strong security – they don’t allow MFA, they only require short passwords, and of course, the API-related issues this researcher has underscored. As stated in the report, we’re seeing people using healthcare apps even more now as a necessity driven by the pandemic.

 

Another area of vulnerability is how the apps are put together. Are they using OS software? If so, are they checking for vulns in OS code? That’s a common problem, and it’s worth remembering that anything that’s free usually comes with a price.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Many of these types of apps don’t have strong security...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/mhealth-app-apis-vulnerable-to-attacks-exposing-pii-phi-experts-insight

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Many of these types of apps don’t have strong security...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/mhealth-app-apis-vulnerable-to-attacks-exposing-pii-phi-experts-insight

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
February 01, 2021

Expert Insight: Bykea Delivery Svc. Unencrypted Server Leaks 400 Million Customers’ Data

In 2021 encryption should be a no brainer.

This is a case study in why every government needs to step in and enforce some fundamental data privacy protection legislation with penalties. Not too long ago, attackers deleted this company’s customer data base – but they had backups and were back in business.

 

Now, because of a failure to practice fundamental encryption to protect their customers’ data, some 400 million peoples’ financial, location, national identity cards and personal data has been exposed, and their lives are likely

.....Read More

This is a case study in why every government needs to step in and enforce some fundamental data privacy protection legislation with penalties. Not too long ago, attackers deleted this company’s customer data base – but they had backups and were back in business.

 

Now, because of a failure to practice fundamental encryption to protect their customers’ data, some 400 million peoples’ financial, location, national identity cards and personal data has been exposed, and their lives are likely to be upended at some point.

 

In 2021 encryption should be a no brainer. The first step must be better regulation governing all organizations collecting financial data and requiring them to use encryption. That mandate must come from all national governments large and small, with superpowers such as the US taking a lead, and with Zero Trust policies enforced as well.

 

Here in the US, we also lack requirements of businesses that reflect the practices mandated by the EU-US privacy Shield and GDPR. It’s past due time, and until our legislators take strong and informed actions, people are only going to continue getting hurt.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"In 2021 encryption should be a no brainer...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-bykea-delivery-svc-unencrypted-server-leaks-400-million-customers-data

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"In 2021 encryption should be a no brainer...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-bykea-delivery-svc-unencrypted-server-leaks-400-million-customers-data

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 29, 2021

Data Privacy Protection Day (Thursday 28th) – Experts Comments

Major Tech has benefited and profited from the trust that consumers unknowingly placed in them.

There are many layers to data privacy, but one of them centers around a fundamental need for governments to re-think and more aggressively protect our rights as citizens to own our own data if we so choose.

 

Major Tech has benefited and profited from the trust that consumers unknowingly placed in them to protect our data and hold it private, rather than commoditizing it.

 

We’ve inherently accepted that they are allowed to collect our data for their purposes, without disclosing how that data

.....Read More

There are many layers to data privacy, but one of them centers around a fundamental need for governments to re-think and more aggressively protect our rights as citizens to own our own data if we so choose.

 

Major Tech has benefited and profited from the trust that consumers unknowingly placed in them to protect our data and hold it private, rather than commoditizing it.

 

We’ve inherently accepted that they are allowed to collect our data for their purposes, without disclosing how that data is being used. Today, the major social media companies know so much more about their billions of subscribers than most realize. In fact, in terms of consumer rights and transparency they act a bit like they are their own personal governments and tend to set rules that most aren’t aware of and don’t understand.

 

Documentaries such as “The Social Dilemma” are starting to peel back the layers of what’s involved in examining the current state of privacy rights and allowing consumers to reclaim ownership of their data. Europe’s “right to be forgotten” is a helpful model for what future US legislation could look like, but for the time being, social media’s unchecked data gathering has ballooned, prompting concerns such as about who is choosing the content that is being served to us, who has access to our data, and what they’re using it for.

 

It comes down in the end to how much data harvesting that We the People will awaken to and continue to permit social platforms to conduct. Will the public remain passive or urge legislators to take strong actions? One good start would be shifting from “opt out” practices to “opt in” ones – where decisions about whether and how much personal data to allow a social platform to share begins with the consumer, not with a company whose “opt out” mechanisms may be muddy and hard to navigate.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Major Tech has benefited and profited from the trust that consumers unknowingly placed in them...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/data-privacy-protection-day-thursday-28th-experts-comments

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Major Tech has benefited and profited from the trust that consumers unknowingly placed in them...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/data-privacy-protection-day-thursday-28th-experts-comments

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 25, 2021

How Much Are You Worth On The Dark Web? (Credit Card, PayPal, SSN)

It's easier to prevent a fire than to put one out.

I find it really fascinating that in the U.S., we have the cheapest fullz at about $8/record. We know that in the countries that are the highest – Japan, UAE and Europe – they’re taking extra steps to make sure all companies are adhering to some sort of data privacy and protection. In the U.S., we don’t put it as high up on the priority list as they do, and this research clearly shows that.

 

Companies – and consumers – need to do better at privacy. Better passwords, having password

.....Read More

I find it really fascinating that in the U.S., we have the cheapest fullz at about $8/record. We know that in the countries that are the highest – Japan, UAE and Europe – they’re taking extra steps to make sure all companies are adhering to some sort of data privacy and protection. In the U.S., we don’t put it as high up on the priority list as they do, and this research clearly shows that.

 

Companies – and consumers – need to do better at privacy. Better passwords, having password managers, requesting multi-factor authentication. We need better regulation, better legislation. And, really, we need more overall awareness of our digital footprint. Close accounts you don’t or won’t use. Delete payment info. Reset passwords to be more than 20 characters.

 

It's easier to prevent a fire than to put one out.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"It\'s easier to prevent a fire than to put one out...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/how-much-are-you-worth-on-the-dark-web-credit-card-paypal-ssn

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"It\'s easier to prevent a fire than to put one out...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/how-much-are-you-worth-on-the-dark-web-credit-card-paypal-ssn

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 22, 2021

Cyber Criminals Left Stolen Phishing Credentials Exposed To Google Searches

The attack approach was also clever.

It’s interesting that they are targeting construction – that’s an industry that hasn’t received as much attention from attackers as other sectors. Usually, attackers are focused on healthcare, finance, energy, and retail – but those industries have certainly increased their investments in cybersecurity training over the last two years, so these attackers cleverly shifted to construction, where every initiative involves tens of millions or often hundreds of millions of dollars, and

.....Read More

It’s interesting that they are targeting construction – that’s an industry that hasn’t received as much attention from attackers as other sectors. Usually, attackers are focused on healthcare, finance, energy, and retail – but those industries have certainly increased their investments in cybersecurity training over the last two years, so these attackers cleverly shifted to construction, where every initiative involves tens of millions or often hundreds of millions of dollars, and deadlines and regulatory requirements must be strictly adhered to.

 

The attack approach was also clever: a fake login that already self-populates, so that most people wouldn’t be suspicious of the possibility of a phishing attack. Usually, when something self populates it’s viewed as legit and trusted. That’s why this campaign went undetected so often. They were clever but not clever enough, since they forgot to close their own server down and as a result, blew their chance to monetize their loot. 

 

We need to understand that these phishing attacks are getting more and more realistic, and the public needs to know that if they don’t consider their sector a target, it’s a very safe bet that it actually is.

  Read Less
Like(0)  (0)

Linkedin Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The attack approach was also clever...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/cyber-criminals-left-stolen-phishing-credentials-exposed-to-google-searches

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Chloé Messdaghi, VP of Strategy, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The attack approach was also clever...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/cyber-criminals-left-stolen-phishing-credentials-exposed-to-google-searches

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.

SECURELY DOTTED BY

Kevin Mandia, CEO, FireEye

"This is a positive, welcome step towards adding more friction to Russian operations. "

Experts On Russia Being Held Accountable For SolarWinds

Tony Cole, CTO , Attivo Networks

"The impact from all the actions taken by the US government? It’s undetermined at this point in time. "

Experts On Russia Being Held Accountable For SolarWinds

Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic

"The good news in the statement fact sheet is the part where the US government support a Global Cybersecurity Approach. "

Experts On Russia Being Held Accountable For SolarWinds

Jayant Shukla, CTO and co-founder, K2 Cyber Security

"Virtual patching is a feature of runtime application security solutions like RASP. "

Security Expert Re: NSA Urges Organizations To Patch Top Vulnerabilities Exploited By Russia

Saryu Nayyar, CEO, Gurucul

"The best defense is a full-stack offense which again includes cyber defenses powered by machine learning like security analytics. "

Expert Insights: Dir Nat’l Intelligence Releases Annual Threat Assessment Thursday

Garret F. Grajek, CEO, YouAttest

"My fear as an identity professional for 30 years is that more regulation will occur because of the threat. "

Expert Insights: Dir Nat’l Intelligence Releases Annual Threat Assessment Thursday

Craig Sanderson, VP of Security Products, Infoblox

"These incidents give us an opportunity to take a look at potential prevention steps. "

Expert Advice Developers to Improve Software Security After NAME:WRECK Disclosure

John Smith, Solution Architects EMEA and APAC, Veracode

"The potential impact of exploiting the NAME:WRECK vulnerabilities are substantial, but software flaws are not a new threat for businesses. "

Expert Advice Developers to Improve Software Security After NAME:WRECK Disclosure

Stephen Bradford, SVP EMEA, SailPoint

"When speed trumps security, we’re increasingly exposed to cyber fraud. "

Expert Reaction on Research that Coronavirus Triggering Surge in Cyber Fraud

Chris Strand, Chief Compliance Officer, IntSights

"The DPC was instrumental in enforcing a fine on Twitter when 32.8 million credentials ended up online last year. "

Expert Comment On DPC Facebook Investigation

Jake Moore, Cybersecurity Specialist, ESET

"Apple are likely to have suspected a threat to the hardware if this had got out, hence why it was kept under wraps. "

Apple Quietly Updated Some Of Its Top Hardware Due To Security Risks

Satnam Narang, Senior Research Engineer, Tenable

"We strongly encourage users and organizations alike to ensure they are patching their browsers like Chrome and Edge as soon as possible. "

Security Researcher “Chrome 0day” Tweet – Expert Insight

Steve Forbes, Government Cyber Security Expert, Nominet States

"It is vital that governments pay close attention to the resilience of their critical infrastructures. "

Iran Nuclear Facility Potential Cyber Attack – What Expert Says

Saryu Nayyar, CEO, Gurucul

"The good news is that it appears the only damage is financial, and likely temporary. "

Industry Leaders On Android.Joker Malware

Eddie Glenn, Senior Product Manager, Venafi

"These timestamps indicate that the code signing certificate was valid at the time it was used to sign the code. "

Expert Reaction On Pulse Secure VPN Users Can’t Login Due To Certificate Related Outage

WORKING WITH US

About Us

Advertise With Us

Information Security Companies

Contact Us

ISB CONFERENCE

ISB Conference 2021

THE PAGES

Privacy Policy

Terms & Conditions

RSS Feeds

INFORMATION SECURITY EXPERTS

Information Security Experts: Comments Dotted

Register and Comments

Categories

  • Facebook
  • Twitter

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.


Back To Top
Information Security Buzz
  • Home
  • Experts Comments on News
  • Security Articles
  • Vendor News
  • Study & Research
  • ISBuzz Expert Panel