Monthly Archives: November 2013

Cyber security expert says threats are “worse than generally believed” among utilities


November 30, 2013

There's no question that electric utilities around the world are waking up to the fact that wireless connections and new communication platforms are exposing them to serious cyber security risks.

However, Robert Hinden, chair of the IETF Administrative Oversight Committee (IAOC) that keeps tabs on the international community known as Internet Engineering Task Force (IETF), recently wrote an article warning the conditions may be worse than many think.

Continue reading

Cyber security expert says threats are “worse than generally believed” among utilities

There's no question that electric utilities around the world are waking up to the fact that wireless connections and new communication platforms are exposing them to serious cyber security risks.

However, Robert Hinden, chair of the IETF Administrative Oversight Committee (IAOC) that keeps tabs on the international community known as Internet Engineering Task Force (IETF), recently wrote an article warning the conditions may be worse than many think.

Continue reading

ISACA: Internet of Things to create serious cyber security risks for organisations


November 29, 2013

As if there wasn't already enough evidence out there that proves penetration testing should be an essential part of any company's IT system, the rise of the Internet of Things (IoT) should be the final nail in the coffin that confirms it.

According to new research from ISACA, a global IT solutions and risk analysis provider, the idea that all consumer goods could soon be wirelessly connected – the Internet of Things – provides enormous opportunities for companies. However, it also will leave virtually any businesses, whether it is involved in the IT space or not, vulnerable to cyber attacks.

Continue reading

ISACA: Internet of Things to create serious cyber security risks for organisations

As if there wasn't already enough evidence out there that proves penetration testing should be an essential part of any company's IT system, the rise of the Internet of Things (IoT) should be the final nail in the coffin that confirms it.

According to new research from ISACA, a global IT solutions and risk analysis provider, the idea that all consumer goods could soon be wirelessly connected – the Internet of Things – provides enormous opportunities for companies. However, it also will leave virtually any businesses, whether it is involved in the IT space or not, vulnerable to cyber attacks.

Continue reading

Hacked dating website compromises 42 million passwords


November 26, 2013

Online dating website Cupid Media recently announced it had been hacked by an outside group that accessed the domain and stole 42 million of its users' passwords.

Experts are saying it could be one of the worst password security breaches in history, but what may be the most shocking is the the protection measures – or lack thereof – that were found on the website. It's been discovered that the millions of passwords on the website were hardly protected, and the company stored them in plaintext format.

Continue reading

Hacked dating website compromises 42 million passwords

Online dating website Cupid Media recently announced it had been hacked by an outside group that accessed the domain and stole 42 million of its users' passwords.

Experts are saying it could be one of the worst password security breaches in history, but what may be the most shocking is the the protection measures – or lack thereof – that were found on the website. It's been discovered that the millions of passwords on the website were hardly protected, and the company stored them in plaintext format.

Continue reading

Lack of awareness remains the biggest issue for cyber security


November 22, 2013

To get a true sense of how serious the problem of cyber security breaches has become, it may only require a quick look at trends from the past decade.

As the initial dot-com phase transitioned into a business world dominated by mobile devices, anywhere-access, real-time communications and dozens of products and solutions businesses now need to stay competitive, new threats have emerged.

Continue reading

Lack of awareness remains the biggest issue for cyber security

To get a true sense of how serious the problem of cyber security breaches has become, it may only require a quick look at trends from the past decade.

As the initial dot-com phase transitioned into a business world dominated by mobile devices, anywhere-access, real-time communications and dozens of products and solutions businesses now need to stay competitive, new threats have emerged.

Continue reading

Open Source and Software Trust


November 20, 2013

By Norman Yue – Chief Technology Officer

Recently, I stumbled across an interesting blog post about trusting security software on Reddit (http://blog.cryptographyengineering.com/2013/10/lets-audit-truecrypt.html). This got me thinking, and kicked off a few conversations – to be honest, pretty much any open source software can be backdoored, and a good number of open source software packages have been/still are. It doesn’t need to be an obvious backdoor – simply omitting a security control, or rendering it weaker than it could be, could be just as effective (and much, much more difficult to detect during a source code audit).

For an attacker, the payoff is potentially huge, depending on the particular software being backdoored (just imagine if a tool such as nmap, or some FIM software, was to be backdoored). The cost can range from the attacker putting his hand up to “maintain” an open source WordPress plugin, to going after something unrelated and ending up with access to the source code repository of a popular security tool in his/her lap. Continue reading

Fear of cyber attacks influencing corporate IT decisions


November 18, 2013

As more corporations report a higher number of thwarted cyber attacks, which are also rising in severity, the growing fear of security breaches may be affecting decision makers' ability to mitigate further risks, according to Gartner.

A new study from the technology research firm found that although the high publicity of cyber attacks has certainly raised awareness of the importance of a security audit and similar functions, it's also leading to fear. In turn, these CIOs are shifting away from enterprise risk management and risk-based information security and toward technical security.

Continue reading