Why Ethical Hackers have an essential part to play in protecting enterprise data from cybersecurity threats

The beginning of October sees the start of Cyber Security Awareness Month, a collaborative effort between governments and industry to raise awareness about the importance of staying safe online. Part of this conversation inevitably revolves around cybersecurity threats. Highlighting the simple steps that can be taken to protect data, whether personal, financial and/or professional...

Read More

The evolution of smart cities: what provisions are vital for their success?

Cities are undergoing a wave of digital transformation. With rapid population growth and urbanization transforming the way we live, improving or even maintaining our current quality of life relies upon using resources more efficiently. To put this point into perspective, it is estimated that by 2050, 66 percent of the global population will live in cities – an additional...

Read More

Twitter allows 2-factor authentication without a Phone Number

After witnessing a Sim Swapping saga with CEO Jack Dorsey, Twitter has made it official that from now on its users can enable two-factor authentication without the need for a phone number. Kayvon Beykpour, a product lead on Twitter has confirmed the news and said that the new security feature will enable the users to secure their account without the need to give a phone number and inbound SMS. He added that the micro-blogging website took these measures after twitter hackers managed to hijack the phone number of Dorsey in Twitter hack 2019 with...

Read More

How to keep your Microsoft Windows 10 PC safe from Ransomware Attacks

Microsoft has recently published a list of measures to be taken by customers to block ransomware attacks on their respective Windows 10 computers. And there are as follows- 1.     The first and foremost thing is to keep your Windows 10 Operating System and anti-virus up to date and better upgrade your PC to a Windows 10 Operating system. All Windows 7 Operating system users should keep in mind that their operating system will loose the regular security upgrades provide by Microsoft from January 2020. And that’s because the technology...

Read More

France to launch cyberattacks on hackers in retaliation

France law enforcement authorities are planning to hit out at the cyber assailants who have targeted Rouen Hospital with ransomware on November 15th of this year. “As the hackers are still active in targeting more agencies in France, we are planning to digitally target them in retaliation”, said Guillaume Poupard, the head of National Cyber Security Agency, France (ANSSI). Speaking at a conference in Paris, Mr. Poupard said that the new French law allows the government to neutralize the attackers and so we are planning to hit the target by this...

Read More

Zero Trust by Design: Information Security in the era of The Cloud

In a previous blog, we explored how businesses are increasingly moving towards a Zero Trust mindset when adopting cybersecurity practices. The very essence of Zero Trust, as the term implies, is to assume the stance of distrust towards any user or device that tries to enter the corporate environment – it follows the mantra of “never trust, always verify”. While Zero Trust...

Read More

Face/Off: Security challenges in the age of facial recognition

Facial recognition is rightfully held up as an accurate and secure method of safeguarding devices and ensuring more accurate identity proofing. It is, in essence, the new science of identity. But while facial recognition technology complements the need for ‘traditional’ security measures, such as username/password combinations and security checkpoints, it faces its own unique...

Read More

Alibaba thwarting 2.2 Billion Cyber Attacks on a daily note

Chinese Multinational company Alibaba has disclosed that it is thwarting around 2.2 Billion Cyber Attacks on a single day. And the attack scale will increase during the annual online shopping event which coincides with Black Friday or Cyber Monday in the United States. But the good news is that the e-commerce giant has deployed more than 3,000 security specialists and 1,258 algorithmic models working 24/7. Jessie Zheng, the Chief Risk Officer at Alibaba said that disclosed number of cyber threats included abnormal transactions, counterfeit goods...

Read More

Google confirms state-sponsored cyber attacks on its users

Google’s Threat Analysis Group has confirmed that it has sent over 12,000 warnings to its users targeted by state-sponsored phishing campaigns. The internet juggernaut has also confirmed that governments from the east are showing a lot of interest in launching phishing and disinformation related attacks on the company’s Western users. Releasing the update in its latest blog post, the web search giant said that its security researchers have found a new cyber threat from a new hacking group dubbed Russian Sandworm. But Google claims that it has taken...

Read More

Ryuk Ransomware attack on Prosegur Australia

Spanish cash moving company Prosegur’s Australia division has released a press statement a few hours ago saying that its global network was hit by Ryuk Ransomware. The multinational company which offers armored vehicles and services to move cash to ATMs, restaurants, banks and financial institutions across Europe, Latin America, North America, and Asia said that the file-encrypting malware has disrupted its digital operations across 4 continents which might take a week or two to recover.   Going deep into the details, Prosegur started its...

Read More

Four innovations changing the face of the financial industry

Technological advances and changes in customer expectations over recent years have made a huge impact on the banking and financial services sectors. In many cases, the transformation has been dramatic, with digital technologies enabling new services and totally resetting consumer expectations. For example, earlier this month NatWest Bank announced that it is trialing our...

Read More

Russian company tries to Cyber Attack Ohio Election Day 2019

On November 5th,2019, Ohio detected a cyber attack on its election procedure which is now concluded to be unsophisticated. Frank LaRose, the Republican Secretary of State released a press statement on Tuesday disclosing the details of the attack and confirmed that the attack originated in Panama and a Russian Company was behind the cyber incident.   Frank LaRose said that the hackers tried to induce an “SQL Injection based malicious code” into the official website which was eventually blocked and thwarted by the IT threat detection systems...

Read More

Important updates about the California Consumer Privacy Act (CCPA)

Here’s an email sent by Google to its users about its recent update to California Consumer Privacy Act CCPA-   Dear Partner,     The California Consumer Privacy Act (CCPA) is a new data privacy law that applies to certain businesses that collect personal information from California residents. The new law goes into effect on January 1, 2020.      Google already offers data protection terms pursuant to the General Data Protection Regulation (GDPR) in Europe. We are now also offering service provider terms under...

Read More

Android apps fraudulently access Facebook and Twitter user data

Facebook and Twitter have made an official announcement yesterday that few android apps were accessing the login info and other details of its users when the users used the same credentials into certain apps that were being downloaded via the Google Play Store. According to a source from CNBC, the damage was being done by a Software Development Kit (SDK) used by OneAudience and Mobiburn apps which were found guilty of giving access to Facebook (FB) and Twitter users without their consent. Security researchers working for the news site found that...

Read More

Over 80K computers running on Microsoft Windows OS found generating bitcoins with Malware

According to a security report released by Microsoft, over 80,000 computers running on different versions of the Windows Operating system were found mining bitcoins without the knowledge of the users. Dubbed as Dexphot, the malware has been reportedly infecting Win machines since Oct’18 stealing the computing power of its machines to mine bitcoins. Technologically, bitcoins mining happens when computers do humongous amounts of calculations and get rewarded by a bitcoin on successful completion of the calculation string. Researchers found that Dexphot...

Read More

Reflections on Captain Sully’s #ISC2Congress Keynote

by Dr. Chris Veltsos, CISSP  (ISC)² Security Congress wrapped up four weeks ago. The event sported world-class keynotes and also had many great sessions. This article shares some reflections on Captain Sully’s keynote, and his message to all of us information security professionals. A Perfect Fit for Cybersecurity The opening keynote at the 2019 (ISC)² Security Congress...

Read More

Palo Alto Networks acquires Aporeto and Demistro

California based Cybersecurity firm Palo Alto Networks has made it official that it has acquired AI-based startup Aporeto for a cash deal of $150 million. The objective of the company behind the acquisition is to use AI and Machine Learning tools of Aporeto to automate significant certain segments of its products and services such as cloud monitoring, firewalls and compliance-related licenses along with endpoint protection.   News is out that Aporeto co-founders Satyam Sinha and Dimitri Stliadis will be joining the Palo Alto networks from...

Read More

How I Went from Climbing Cable Poles to High-End Threat Hunting

By Tia Hopkins, vice president, global sales engineer, eSentire My path to cybersecurity wasn’t a linear one. My first real job was installing DSL (digital subscriber lines) for phone companies. I was climbing poles, pulling cables and that sort of thing. Installing high-speed internet is what led me to IT, because customers would ask questions like “How do I do this on more than one computer?” or “What’s a network?” or “What’s Wi-Fi?” To answer their questions, I started digging in deeper and got turned onto the IT side of the business. Eventually,...

Read More

NYPD knocked out by Ransomware Attack

A ransomware scare has made the New York Police Department (NYPD) pull-down its fingerprints database offline. However, an official statement released by the law enforcement agency says that none of the stored data records were impacted by the file encryption malware as the ransomware was contained in the initial stage of a cyber attack. Highly placed sources say that the file-encrypting virus was introduced into the network by a contractor who was working on a project of replacing digital displays. Going deep, Cybersecurity Insiders has learned...

Read More

Cyber Attack on OnePlus Online store

Chinese Smartphone maker OnePlus has made it official that data related to its consumers of the online store was hacked and accessed by unknown hackers almost two weeks ago. However, the Shenzhen based company has assured that payment information and passwords remain unaffected as the data was put on another server. The company which is a subsidiary of OPPO Mobile Telecommunication brand is yet to reveal the exact number of affected users as the cyber incident is still under a probe. What’s interesting in this cyber attack saga is that a similar...

Read More

Ransomware attack on 110 Nursing homes across the United States

A ransomware attack launched on a Wisconsin based IT company is said to have disrupted the services of over 110 Nursing Homes across the United States. The company owner claims that the impact was not only harsh on the business but could have also lead to the demise of some patients. Now, the company which is under discussion is Milwaukee based Virtual Care Provider Inc (VCPI) which is a firm into IT consulting, internet access, data storage, and security services. News is out that the malware attack on the cloud-based service provider has severely...

Read More

Data of prepaid customers of T Mobile hacked

Germany based Telecom Company T-Mobile has officially declared on Friday last week that sensitive info of its prepaid subscribers was leaked to hackers. The leaked details include social security numbers, financial data, passwords and other info related to the subscribers.   However, a source from America’s top mobile services provider based on the condition of anonymity said that billing address, phone numbers, account number, rate plan, names, and their location data were also accessed by hackers. But the company has reportedly kept the...

Read More

Iranian hackers to launch data destroying malware on Western countries

All these days hackers from Iran were seen indulging in activities such as DDoS attacks and espionage. But now, there is evidence that these hackers have decided to launch malware campaigns that are capable of destroying data on the servers being operated in Western countries. This includes data being stored on public and private entities such as critical infrastructure owned by countries. Revealing the same at the CyberwarCon Conference held in Arlington, Virginia; Ned Moran a security researcher from Microsoft ringed the alarm bell. Ned said...

Read More

Zero Trust – The new default for Information Security

Since the dawn of information security, trust has been a critical element. Over time, as information technology has become more distributed, the notion of trust has evolved around who logically needs to be able to access a service. For example, if you are seeking to get onto your corporate network then you will need to have a unique username and password to view the corporate...

Read More