Information Security Buzz
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Top Posts
ObliqueRAT Trojan Lurks On Compromised Websites – Experts...
Microsoft Multiple 0-Day Attack – Tenable Comment
Experts Reaction On Malaysia Airlines 9 Years Old...
IoT Security In The Spotlight, As Research Highlights...
Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber...
Expert Reaction On Solarwinds Blames Intern For Weak...
Expert Reaction On Go Is Becoming The Language...
Three Reasons The Security Industry Is Protecting The...
Experts On Google Voice Outage
Preparing For Tomorrow – Why Weathering The Initial...
Information Security Buzz
Connecting Security Experts
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Expert(s): November 30, 2020
Mark Bower
Senior Vice Presidentfeature_status*/ ?>
comforte AG

Comments Dotted : 10
February 05, 2021

New Malware Hijacks Kubernetes Clusters To Mine Monero – Experts Insight

Kubernetes is extremely powerful and a new foundation of IT strategy.

Kubernetes is extremely powerful and a new foundation of IT strategy, but not immune from malware, vulnerability and exploitation. Indeed, the dynamics, agility and scale that make it attractive to run scaled workloads at a moment’s notice also make it an attractive target for exploitation. While many attacks to date have focused on cryptomining, with the growing utilization of Kubernetes across industry, it will continue to be a focus of attack. The nature of this malware evidences that

.....Read More

Kubernetes is extremely powerful and a new foundation of IT strategy, but not immune from malware, vulnerability and exploitation. Indeed, the dynamics, agility and scale that make it attractive to run scaled workloads at a moment’s notice also make it an attractive target for exploitation. While many attacks to date have focused on cryptomining, with the growing utilization of Kubernetes across industry, it will continue to be a focus of attack. The nature of this malware evidences that managing risk when running kubernetes applications has to go beyond dependence on the bare minimum infrastructure level controls like TLS and container encryption, and shift to data-centric security for sensitive personal data. This has proven highly effective over the last decade, with new techniques like stateless data tokenization taking strategic prominence with industry leading enterprises. The good news is this available for cloud-native/kubernetes ecosystems today and ready to mitigate threats while letting enterprises get on with digital transformation at full throttle without breach risks getting in the way.

  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Kubernetes is extremely powerful and a new foundation of IT strategy...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/new-malware-hijacks-kubernetes-clusters-to-mine-monero-experts-insight

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Kubernetes is extremely powerful and a new foundation of IT strategy...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/new-malware-hijacks-kubernetes-clusters-to-mine-monero-experts-insight

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
January 07, 2021

Security Experts Insight On Nissan Source Code Leaked

onnected systems at the edge, including automotive components, are not always simple to update at a firmware level.

Modern connected cars with convenient features like remote unlock, remote start require at least a 4 digit PIN to do it and strong authentication to use them. It’s curious then why the alleged source code repository for the backend and front-end for this technology wasn’t protected with an equally bare minimum security method. This is a classic example of the security being only as good as the weakest link – most likely in this case down to both human error and lack of process for risk

.....Read More

Modern connected cars with convenient features like remote unlock, remote start require at least a 4 digit PIN to do it and strong authentication to use them. It’s curious then why the alleged source code repository for the backend and front-end for this technology wasn’t protected with an equally bare minimum security method. This is a classic example of the security being only as good as the weakest link – most likely in this case down to both human error and lack of process for risk scanning of critical infrastructure for vulnerable credentials and effective data security”.

The recent Solarwinds situation should have prompted organisations across industry to be revisit their supply chain security, data security and authentication as a matter of priority – including any internet facing or cloud components. Access to code for potential core IoT/connected car applications opens up a raft of potential vulnerability exploits for attackers, if the claims of the full source code dump circulating on twitter are indeed true. Connected systems at the edge, including automotive components, are not always simple to update at a firmware level to address new threats, requiring dealership processes. This means any discovered exploits such as vulnerable TCP/IP stacks, credential management and offline authentication methods in the connected path to the vehicle’s bevvy of connected devices may indeed become targets for attacker analysis and compromise, made easier with access to source code.

  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"onnected systems at the edge, including automotive components, are not always simple to update at a firmware level...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/security-experts-insight-on-nissan-source-code-leaked

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"onnected systems at the edge, including automotive components, are not always simple to update at a firmware level...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/security-experts-insight-on-nissan-source-code-leaked

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
December 11, 2020

Payments Processor TSYS Ransomware Attack – Expert Comment

Data processors and payment organizations at the heart of entire industries are always on the radar of attackers.
Data processors and payment organizations at the heart of entire industries are always on the radar of attackers. The high volumes of third-party data make them very attractive – both for the data they handle themselves and the data they have been entrusted with. Historically, they have also been entities where an attack to the administrative side has led to subsequent and secondary breaches of core processing platforms from attackers using data in emails, files, and databases. While so.....Read More
Data processors and payment organizations at the heart of entire industries are always on the radar of attackers. The high volumes of third-party data make them very attractive – both for the data they handle themselves and the data they have been entrusted with. Historically, they have also been entities where an attack to the administrative side has led to subsequent and secondary breaches of core processing platforms from attackers using data in emails, files, and databases. While so far, the good news is the core processing systems have not been impacted, likely from a modern data-centric approach to protecting it that’s common in leading payment processors, the bottom line is that this sends a clear reminder to any organization in the scaled data collection and processing business to ensure data security is implemented end-to-end, or made a top priority for the next year as we collect, store and process more sensitive data than ever. Privacy and security regulations are clearly motivation, but having gigabytes of sensitive data leaked can quickly morph into an uncontainable nightmare with equally uncontained cost impact without it.  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Data processors and payment organizations at the heart of entire industries are always on the radar of attackers...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/payments-processor-tsys-ransomware-attack-expert-comment

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Data processors and payment organizations at the heart of entire industries are always on the radar of attackers...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/payments-processor-tsys-ransomware-attack-expert-comment

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
December 02, 2020

Expert Insight: Docker Malware Is Now Common – Devs Need To React Accordingly

To thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital.
Platforms like Kubernetes enable immense application delivery power. However, the built-in security controls reflect classical data-at-rest and transport encryption, perimeter, and access control based security. While these controls are important, the last decade has seen leading enterprises and data processors shift towards data-centric over perimeter controls to combat advanced malware, ransomware, and insider risk to sensitive data. Fundamentally, to thwart the variations of malware and.....Read More
Platforms like Kubernetes enable immense application delivery power. However, the built-in security controls reflect classical data-at-rest and transport encryption, perimeter, and access control based security. While these controls are important, the last decade has seen leading enterprises and data processors shift towards data-centric over perimeter controls to combat advanced malware, ransomware, and insider risk to sensitive data. Fundamentally, to thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital even with advanced container and app orchestration ecosystems to avoid data compromise or attacks that can create havoc for data-hungry enterprises depending on them.  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"To thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-docker-malware-is-now-common-devs-need-to-react-accordingly

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"To thwart the variations of malware and attacks from misconfiguration or API exploitation, a data-centric approach is vital...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-insight-docker-malware-is-now-common-devs-need-to-react-accordingly

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
November 20, 2020

Experts On New Grelos Skimmer Variant Reveals Overlap in Magecart Activities

The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers.
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups. The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and.....Read More
The shift to increasingly online merchant transformation as a result of the pandemic combined with consumers embracing potentially new retailers for out-of-stock items as we enter the holiday season creates the dual-edge sword of retail business growth and increased attack opportunity for criminal groups. The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers that steal data on web form entry along with more deeply penetrating malware and ransomware to attack and disrupt the merchant data supply-chain to steal PII, financial, and credit card data. The solution has to be the one-two punch of integrity checking on web sites on a continuous basis to knock out rogue javascript injection, and end to end data protection beyond the web front-end using proven technology including tokenization to render sensitive data useless at the earliest capture point. This potent combination will mitigate these threats and disrupt the attackers own theft-to-darkweb retail business.  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-on-new-grelos-skimmer-variant-reveals-overlap-in-magecart-activities

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The online retail industry can expect to see increasingly obfuscated variants of the magecart skimmers...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-on-new-grelos-skimmer-variant-reveals-overlap-in-magecart-activities

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
October 20, 2020

What Experts Say On EU Investigating Instagram Over Child Data Violations

Vendors have the utmost responsibility for compliance and transparency.
For obvious reasons, children’s data collection and protection have very specific handling in many jurisdictions and called out in GDPR very specifically. While a data protection regulator is no substitute for parenting and education to ensure children begin to understand how their data is eventually used, vendors have the utmost responsibility for compliance and transparency. In GDPR Article 8, the consent requirements, age limitations, and responsibilities are very clear, especially around.....Read More
For obvious reasons, children’s data collection and protection have very specific handling in many jurisdictions and called out in GDPR very specifically. While a data protection regulator is no substitute for parenting and education to ensure children begin to understand how their data is eventually used, vendors have the utmost responsibility for compliance and transparency. In GDPR Article 8, the consent requirements, age limitations, and responsibilities are very clear, especially around consent. The fact that a data scientist has discovered trivial data exposure of what appears to be vulnerable minors in data collection applications is alarming if true. This is especially a concern given that it is also equally simple these days to de-identify, mask, or secure it and thus there are few excuses not to comply. In a world of attacks, data theft, and misuse, privacy and security has to be a first priority, especially the data of our next generation’s citizens.  Read Less
Like(1)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Vendors have the utmost responsibility for compliance and transparency...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/what-experts-say-on-eu-investigating-instagram-over-child-data-violations

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Vendors have the utmost responsibility for compliance and transparency...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/what-experts-say-on-eu-investigating-instagram-over-child-data-violations

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
October 16, 2020

Experts Insight On Barnes & Noble Hack

Organisations have an increasing obligation to their customers to secure a lot more than just the minimum.
We’ve seen a repeating pattern in recent scaled breaches like this case – partial protection of sensitive data perhaps for compliance, but not the full gamut within the scope of customer data privacy and trust responsibility. Fundamentally, organisations have an increasing obligation to their customers to secure a lot more than just the minimum. Privacy regulations like CCPA are transferring increasing data rights to citizens over data management and security, and today, business leaders.....Read More
We’ve seen a repeating pattern in recent scaled breaches like this case – partial protection of sensitive data perhaps for compliance, but not the full gamut within the scope of customer data privacy and trust responsibility. Fundamentally, organisations have an increasing obligation to their customers to secure a lot more than just the minimum. Privacy regulations like CCPA are transferring increasing data rights to citizens over data management and security, and today, business leaders have to consider personal data as a trusted donation, not just data acquisition. The challenge for CISO’s is balancing data use, security, and data privacy in equal measures. Technologies like tokenisation, particularly those suited to agile and scaled use, help avoid data breaches while preserving analytic utility in data. As such, this technology has to prioritised for investment as a foundation for risk-reduced digital transformation and cloud migration  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organisations have an increasing obligation to their customers to secure a lot more than just the minimum...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-barnes-noble-hack

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organisations have an increasing obligation to their customers to secure a lot more than just the minimum...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-insight-on-barnes-noble-hack

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
August 28, 2020

Details on over 350,000 SSL247 customers exposed due to misconfigured AWS bucket

The cloud itself represents the ultimate 3rd party risk.
The cloud itself represents the ultimate 3rd party risk, and minimum viable compliance is proven yet again to be nowhere close enough to minimum viable security. The twist is that the shared responsibility model for the cloud puts 100% the responsibility on the data owner when they are responsible to secure, configure, and control the cloud they are using. This is a classic and preventable case of breakdown - assuming the cloud’s controls are in place or sufficient, and illustrating the weak.....Read More
The cloud itself represents the ultimate 3rd party risk, and minimum viable compliance is proven yet again to be nowhere close enough to minimum viable security. The twist is that the shared responsibility model for the cloud puts 100% the responsibility on the data owner when they are responsible to secure, configure, and control the cloud they are using. This is a classic and preventable case of breakdown - assuming the cloud’s controls are in place or sufficient, and illustrating the weak reliance on checklists and humans to enforce them. So many organizations rely on risk assessments instead of hard, proven controls like encryption and tokenization of data. The former may meet a policy, but only the latter will stop data theft when misconfiguration, attack, or error leaves data exposed.  Read Less
Like(29)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The cloud itself represents the ultimate 3rd party risk...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/details-on-over-350000-ssl247-customers-exposed-due-to-misconfigured-aws-bucket

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The cloud itself represents the ultimate 3rd party risk...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/details-on-over-350000-ssl247-customers-exposed-due-to-misconfigured-aws-bucket

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
August 19, 2020

Experts Reaction On Discovery Of Over 2.5M Medical Records Publicly available

Organizations must at least operate under a HIPAA Business Associate Agreement with the data provider
Sensitive insurance claims processing data, which looks to be in the data in question, is regulated under HIPAA, GLBA, and various state security and privacy mandates in the US. Yet clearly, this data interchange lacked any data security to meet such rules. To receive such information, organizations must at least operate under a HIPAA Business Associate Agreement with the data provider. The BAA outlines mandatory data security controls including data de-identification, encryption, and audit......Read More
Sensitive insurance claims processing data, which looks to be in the data in question, is regulated under HIPAA, GLBA, and various state security and privacy mandates in the US. Yet clearly, this data interchange lacked any data security to meet such rules. To receive such information, organizations must at least operate under a HIPAA Business Associate Agreement with the data provider. The BAA outlines mandatory data security controls including data de-identification, encryption, and audit. While the benefits of third-party AI services are clear, to avoid breaches like this, the data owner as well as the AI service should also consider protecting the data set before sharing and use, for example, with modern data-centric tokenization. This technology balances insight and utility with exposure risk, enabling insight and use of data in low-trust IT. In this case, there’s likely to be significant regulatory response cost which could have been avoided with some very low cost and simple data-security investments that pale in comparison to the cost of remediation.  Read Less
Like(0)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organizations must at least operate under a HIPAA Business Associate Agreement with the data provider..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-discovery-of-over-2-5m-medical-records-publicily-available

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organizations must at least operate under a HIPAA Business Associate Agreement with the data provider..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-reaction-on-discovery-of-over-2-5m-medical-records-publicily-available

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
July 23, 2020

Twilio’s SDK Compromised by Attackers – Expert Reaction

Compromise of common cloud security infrastructure is a jewel in the crown for any attacker.
Compromise of common cloud security infrastructure is a jewel in the crown for any attacker given the scope of influence over dependent enterprises and broadly deployed mobile applications alike. Storage configuration, SDK and API attacks are an increasingly exploited vectors that can lead to misdirection, malware injection, manipulation and theft of data. While malvertising was the initial endgame here, that in itself can lead to compromise of end user platforms and secondary data theft. Given .....Read More
Compromise of common cloud security infrastructure is a jewel in the crown for any attacker given the scope of influence over dependent enterprises and broadly deployed mobile applications alike. Storage configuration, SDK and API attacks are an increasingly exploited vectors that can lead to misdirection, malware injection, manipulation and theft of data. While malvertising was the initial endgame here, that in itself can lead to compromise of end user platforms and secondary data theft. Given the increasing dependency and complexity of cloud applications and platforms, human error will have increasing impact and data breach ramifications with further adoption, signaling the need for new approaches to secure data at risk from simple, yet easy to make, mistakes on a more robust level.  Read Less
Like(1)  (0)

Linkedin Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Compromise of common cloud security infrastructure is a jewel in the crown for any attacker...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@Mark Bower, Senior Vice President, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Compromise of common cloud security infrastructure is a jewel in the crown for any attacker...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/twilios-sdk-compromised-by-attackers-expert-reaction

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.

SECURELY DOTTED BY

Saryu Nayyar, CEO, Gurucul

"The evolution of the ObliqueRAT trojan is a good example of how malicious actors are constantly updating their tools and techniques. "

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

James McQuiggan, Security Awareness Advocate, KnowBe4

"It is essential to conduct red team or pen testing exercises. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Nikos Mantas, Incident Response Expert, Obrela Security Industries

"Data security should be a priority for all organisations today. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

David Sygula, Senior Cybersecurity Analyst , CybelAngel

"Organisations must constantly scan for leaked documents outside the enterprise perimeter. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Satnam Narang, Senior Research Engineer, Tenable

"We expect other threat actors to begin leveraging these vulnerabilities in the coming days and weeks. "

Microsoft Multiple 0-Day Attack – Tenable Comment

Sam Curry, Chief Security Officer, Cybereason

"Total transparency is needed and they need to hone in on more specific details and be completely transparent with Enrich members. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Florian Thurmann, Technical Director, EMEA , Synopsys Software Integrity Group

"Your organisation won’t be able to determine which of their employees has made a given change in the system. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Alan Grau, VP of IoT , Sectigo

"Best-practices for IoT device security include strong authentication and secure software updates. "

IoT Security In The Spotlight, As Research Highlights Alexa Security Flaws

Jake Moore, Cybersecurity Specialist, ESET

"Sensitive data such as this leaked into dark web forums can have damaging consequences. "

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic

"Password hygiene should be part of employee training and cyber awareness training. "

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Natalie Page, Cyber Threat Intelligence Analyst, Sy4 Security

"Currently Golang produce’s a much lower detection rate against security software. "

Expert Reaction On Go Is Becoming The Language Of Choice For Criminals To Design Malware

Chris Hickman, Chief Security Officer, Keyfactor

"A certificate expiration on its own is not necessarily a security response incident. "

Experts On Google Voice Outage

Adam Enterkin, SVP, EMEA, BlackBerry

"Even the best cybersecurity teams have had major challenges this last year. "

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Jamie Akhtar, CEO and Co-founder, CyberSmart

"Universities are home to some of the world’s most cutting-edge research. "

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab Studying Covid-19

Jake Moore, Cybersecurity Specialist, ESET

"Honourable criminal hacking is still illegal and comes with some of the same intentions of standard unethical hacking. "

Expert Reaction On Private Data Leaked From Far-right Platform Gab

WORKING WITH US

About Us

Advertise With Us

Information Security Companies

Contact Us

ISB CONFERENCE

ISB Conference 2021

THE PAGES

Privacy Policy

Terms & Conditions

RSS Feeds

INFORMATION SECURITY EXPERTS

Information Security Experts: Comments Dotted

Register and Comments

Categories

  • Facebook
  • Twitter

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.


Back To Top
Information Security Buzz
  • Home
  • Experts Comments on News
  • Security Articles
  • Vendor News
  • Study & Research
  • ISBuzz Expert Panel