Information Security Buzz
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Top Posts
ObliqueRAT Trojan Lurks On Compromised Websites – Experts...
Microsoft Multiple 0-Day Attack – Tenable Comment
Experts Reaction On Malaysia Airlines 9 Years Old...
IoT Security In The Spotlight, As Research Highlights...
Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber...
Expert Reaction On Solarwinds Blames Intern For Weak...
Expert Reaction On Go Is Becoming The Language...
Three Reasons The Security Industry Is Protecting The...
Experts On Google Voice Outage
Preparing For Tomorrow – Why Weathering The Initial...
Information Security Buzz
Connecting Security Experts
  • HOME
  • Domains
    • Data Breach
    • Malware
    • Application Security
    • IoT
    • Cloud Security
    • Privacy
  • InfoSec Deals
  • Companies
  • Security Experts
  • ISB Conference 2021
  • Register
  • Log In
Expert(s): November 30, 2020
David Kennefick
Solutions Architectfeature_status*/ ?>
Edgescan

Comments Dotted : 4
February 24, 2021

Expert Commentary On 30,000 Macs Infected With New Silver Sparrow Malware

Mac users are advised to update their operating systems and install an antivirus.

There is a misconception around Apple devices that they are not susceptible to malware infections, which is a myth that needs to be debunked. While it certainly makes sense for malware authors to target more popular OS types with greater frequency, there have been many examples of OS X-specific malware as well.

 

Mac users are advised to update their operating systems and install an antivirus. Apple devices are the same as any other piece of technology, they can be infected with malware and/or

.....Read More

There is a misconception around Apple devices that they are not susceptible to malware infections, which is a myth that needs to be debunked. While it certainly makes sense for malware authors to target more popular OS types with greater frequency, there have been many examples of OS X-specific malware as well.

 

Mac users are advised to update their operating systems and install an antivirus. Apple devices are the same as any other piece of technology, they can be infected with malware and/or viruses. Apps should also be updated regularly to ensure that the latest, safe version is installed, to avoid these becoming the entry vector for threat actors.

  Read Less
Like(0)  (0)

Linkedin Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Mac users are advised to update their operating systems and install an antivirus...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-commentary-on-30000-macs-infected-with-new-silver-sparrow-malware

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Mac users are advised to update their operating systems and install an antivirus...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/expert-commentary-on-30000-macs-infected-with-new-silver-sparrow-malware

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
December 08, 2020

Experts On Major Security Flaw Found In Android TV – Consumers Be Warned

The root cause appears to be nearly the same: default credentials on an unspecified port.
This is very similar to how some of the Android BusyBox deployments got hacked in late 2016. This lead to a rapid increase in the scale and bandwidth utilised during DDoS attacks. The root cause appears to be nearly the same: default credentials on an unspecified port. Should these devices have this capability, who has access and why do they require access are questions that need to be asked. Previously the issue was on Telnet (port23 by default), with default credentials remaining from the.....Read More
This is very similar to how some of the Android BusyBox deployments got hacked in late 2016. This lead to a rapid increase in the scale and bandwidth utilised during DDoS attacks. The root cause appears to be nearly the same: default credentials on an unspecified port. Should these devices have this capability, who has access and why do they require access are questions that need to be asked. Previously the issue was on Telnet (port23 by default), with default credentials remaining from the rebranding and repacking of IoT devices, but not reconfiguring the devices themselves. There is very little information available on the TCL website related to configurations and exposures of these devices.  Read Less
Like(3)  (0)

Linkedin Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The root cause appears to be nearly the same: default credentials on an unspecified port. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-on-major-security-flaw-found-in-android-tv-consumers-be-warned

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"The root cause appears to be nearly the same: default credentials on an unspecified port. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-on-major-security-flaw-found-in-android-tv-consumers-be-warned

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
November 24, 2020

Experts Commenting On Hacker Posts Exploits For Over 49,000 Vulnerable Fortinet VPNs

Organisation need to implement and enforce strong patching policies.
This vulnerability has been a known issue for nearly two years now. The list that this hacker has posted is not exhaustive, there may be many more organisations that have the same issues that are not included in the exploit dump. This year, ransomware has been rampant all over the globe, and this exploit is just another way for attackers to deliver their payloads. This is a one-line exploit, which means the attack is fairly simple to run, and any susceptible systems should be addressed,.....Read More
This vulnerability has been a known issue for nearly two years now. The list that this hacker has posted is not exhaustive, there may be many more organisations that have the same issues that are not included in the exploit dump. This year, ransomware has been rampant all over the globe, and this exploit is just another way for attackers to deliver their payloads. This is a one-line exploit, which means the attack is fairly simple to run, and any susceptible systems should be addressed, patched or taken offline immediately. Organisation need to implement and enforce strong patching policies. This needs to be coupled with strong asset management so it is understood exactly what needs to be patched and where the technology resides.  Read Less
Like(0)  (0)

Linkedin Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organisation need to implement and enforce strong patching policies. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-commenting-on-hacker-posts-exploits-for-over-49000-vulnerable-fortinet-vpns

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Organisation need to implement and enforce strong patching policies. ..."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/experts-commenting-on-hacker-posts-exploits-for-over-49000-vulnerable-fortinet-vpns

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.
October 05, 2020

Microsoft Excel spreadsheet error leads to major COVID UK stats mishap – cybersecurity experts have their say

Track and trace is very new for most countries.
In an ideal world, Excel would not be used to correlate the track and trace information. While Excel would be an excellent tool for this, it is missing some vital components that would make this viable in the long term. The main benefit of track and trace technology is rapidly being able to notify somebody of any potential exposures. I would speculate that PHE is looking to move to a more suitable technology that can provide more granular permissions for users who are creating, reading,.....Read More
In an ideal world, Excel would not be used to correlate the track and trace information. While Excel would be an excellent tool for this, it is missing some vital components that would make this viable in the long term. The main benefit of track and trace technology is rapidly being able to notify somebody of any potential exposures. I would speculate that PHE is looking to move to a more suitable technology that can provide more granular permissions for users who are creating, reading, updating, and deleting information on the current system. Excel may be used to refine the process for implementation into another more suitable technology. The main concerns are, who has access to the data, do they need access, is their access audited, and do they have access to only the data that pertains to them being able to perform their tasks in a timely manner. Track and trace is very new for most countries, there will be a bedding-in period where these questions must be answered.  Read Less
Like(1)  (0)

Linkedin Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Track and trace is very new for most countries...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/microsoft-excel-spreadsheet-error-leads-to-major-covid-uk-stats-mishap-cybersecurity-experts-have-their-say

Copy this message and share on your Linkedin profile. Thanks!

Facebook Message

@David Kennefick, Solutions Architect, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Track and trace is very new for most countries...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/microsoft-excel-spreadsheet-error-leads-to-major-covid-uk-stats-mishap-cybersecurity-experts-have-their-say

Copy this message and share on your Facebook profile. Thanks!
    No Comments Yet ....
Please login to comment.

SECURELY DOTTED BY

Saryu Nayyar, CEO, Gurucul

"The evolution of the ObliqueRAT trojan is a good example of how malicious actors are constantly updating their tools and techniques. "

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

James McQuiggan, Security Awareness Advocate, KnowBe4

"It is essential to conduct red team or pen testing exercises. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Nikos Mantas, Incident Response Expert, Obrela Security Industries

"Data security should be a priority for all organisations today. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

David Sygula, Senior Cybersecurity Analyst , CybelAngel

"Organisations must constantly scan for leaked documents outside the enterprise perimeter. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Satnam Narang, Senior Research Engineer, Tenable

"We expect other threat actors to begin leveraging these vulnerabilities in the coming days and weeks. "

Microsoft Multiple 0-Day Attack – Tenable Comment

Sam Curry, Chief Security Officer, Cybereason

"Total transparency is needed and they need to hone in on more specific details and be completely transparent with Enrich members. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Florian Thurmann, Technical Director, EMEA , Synopsys Software Integrity Group

"Your organisation won’t be able to determine which of their employees has made a given change in the system. "

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

Alan Grau, VP of IoT , Sectigo

"Best-practices for IoT device security include strong authentication and secure software updates. "

IoT Security In The Spotlight, As Research Highlights Alexa Security Flaws

Jake Moore, Cybersecurity Specialist, ESET

"Sensitive data such as this leaked into dark web forums can have damaging consequences. "

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Joseph Carson, Chief Security Scientist & Advisory CISO, Thycotic

"Password hygiene should be part of employee training and cyber awareness training. "

Expert Reaction On Solarwinds Blames Intern For Weak Passwords

Natalie Page, Cyber Threat Intelligence Analyst, Sy4 Security

"Currently Golang produce’s a much lower detection rate against security software. "

Expert Reaction On Go Is Becoming The Language Of Choice For Criminals To Design Malware

Chris Hickman, Chief Security Officer, Keyfactor

"A certificate expiration on its own is not necessarily a security response incident. "

Experts On Google Voice Outage

Adam Enterkin, SVP, EMEA, BlackBerry

"Even the best cybersecurity teams have had major challenges this last year. "

Expert Reaction On GCHQ To Use AI In Cyberwarfare

Jamie Akhtar, CEO and Co-founder, CyberSmart

"Universities are home to some of the world’s most cutting-edge research. "

Comment: Hackers Break Into ‘Biochemical Systems’ At Oxford Uni Lab Studying Covid-19

Jake Moore, Cybersecurity Specialist, ESET

"Honourable criminal hacking is still illegal and comes with some of the same intentions of standard unethical hacking. "

Expert Reaction On Private Data Leaked From Far-right Platform Gab

WORKING WITH US

About Us

Advertise With Us

Information Security Companies

Contact Us

ISB CONFERENCE

ISB Conference 2021

THE PAGES

Privacy Policy

Terms & Conditions

RSS Feeds

INFORMATION SECURITY EXPERTS

Information Security Experts: Comments Dotted

Register and Comments

Categories

  • Facebook
  • Twitter

Copyright © 2020 ISBuzz Pty Ltd is a company registered in Australia with company number 605 203 772 whose registered office is 14 Alanvale Street, Harrison, ACT 2914.


Back To Top
Information Security Buzz
  • Home
  • Experts Comments on News
  • Security Articles
  • Vendor News
  • Study & Research
  • ISBuzz Expert Panel