Asus Router Flaws Disclosed by Several Researchers
Several security researchers and companies have recently disclosed the details of potentially serious vulnerabilities they discovered in the past months in various Asus routers. Fortinet reported on Tuesday that its researchers had found a vulnerability in some Asus routers that allows an authenticated attacker to execute arbitrary commands with root privileges.
Data Encryption: 4 Common Pitfalls
To maximize encryption effectiveness you must minimize adverse effects in network performance and complexity. Here’s how. Employing data encryption is a no-brainer, as it supports the defense-in-depth strategy that organizations must embrace to stop bad actors from accessing sensitive network files. However, outside of the extra layers of protection data encryption can provide, there are also tradeoffs…
Attackers disrupt business operations through stealthy crypto mining
WannaMine, a Monero-mining worm discovered last October, is increasingly wreaking havoc on corporate computers. Either by slowing down computers or by crashing systems and applications, the crypto mining worm is, according to CrowdStrike researchers, seriously affecting business operations and rendering some companies unable to operate for days and even weeks.
Cisco Patches Critical Code Execution Flaw in Security Appliances
Cisco informed customers on Monday that updates released for its Adaptive Security Appliance (ASA) software patch a critical vulnerability that can be exploited to gain full control of devices or cause them to reload. The security hole, tracked as CVE-2018-0101 and assigned a CVSS score of 10, allows a remote and unauthenticated attacker to execute arbitrary code…
Breach-Proofing Your Data in a GDPR World
The massive data breaches that have hit the headlines in recent years, including Yahoo, Verizon, and particularly Equifax, have taken a toll on breach victims, consumers, and corporations. We’ve seen stocks drop precipitously, class-action lawsuits filed, CEOs shown the door, and executives called before Congress. This year, breaches could be even more costly for companies…
Six Months in Jail for University Email Hacker
A man who accessed over 1,000 email accounts maintained by a New York City-area university to download in appropriate photos and videos was sentenced to 6 months in prison this week. The man, Jonathan Powell, 30, of Phoenix, Arizona, pled guilty to the charges on August 9, 2017, in Manhattan federal court before United States…
Cyber attacks surge, ransomware leading the way
The Online Trust Alliance (OTA) found that cyber incidents targeting businesses nearly doubled from 82,000 in 2016 to 159,700 in 2017. Since the majority of cyber incidents are never reported, OTA believes the actual number in 2017 could easily exceed 350,000. “Surprising no one, 2017 marked another ‘worst year ever’ in data breaches and cyber incidents around the world,”…
Data breaches at an all time high: How are businesses protecting themselves?
Digitally transformative technologies are shaping the way organisations do business and moving them to a data-driven world, with 94% of organisations using sensitive data in cloud, big data, IoT, container, blockchain and/or mobile environments, according to the 2018 Thales Data Threat Report. Digital transformation is driving efficiency and scale as well as making possible new business…
How cybercriminals abuse the travel and hospitality industry
The travel and hospitality industry suffers billions of losses each year due to fraud. “With the right combination of other underground services (compromised accounts, credit cards, etc.) it is possible to cover almost every aspect of the holidays, including food and restaurants, shopping, entertainment, guided tours and more – way beyond flights and hotels,” Vladimir…
It’s 2018: Time to assess your cyberrisk
What springs to mind when you hear the phrase: “The future’s already here”? It evokes thoughts of new technologies that are poised to make life easier, better, and safer — not modern cyberthreats. But so-called next-generation threats are already here, too. On February 20, within the framework of the European Summit on Information Security (TEISS…