" cyber security "


IQ Retail Guards Against New Age Threats with Panda Security

“Stories of cyber-attacks hit the news almost daily – data breaches, DDos attacks, email hacks and phishing attacks – reminders of the dangers of the internet” says Jeremy Matthews Regional Manager of Panda Security Africa. “Yet somehow all of these attacks still seem foreign– as though it would never happen to you, however the reality is, South African businesses are affected by these threats” continues Matthews.

IQ Retail MD, Chris Steyn knows this all too well and has seen first-hand the dramatic rise of new age threats such as Ransomware. Software company IQ Retail, provides expertise in complete financial and business administration solutions, focusing on the development of business systems for the accounting and retail management environment. Since its inception in 1986, IQ Retail has grown to become one of the premium providers of innovative business solutions.


Panda’s Do’s & Don’t’s of Cyber Security

Here are Panda Security’s Do’s and Don’t’s of Cyber Security for your business, in 10 short points that are easy to remember and implement. (more…)

The Apple logo hangs inside the glass entrance to the Apple Store on 5th Avenue in New York City,

KeRanger Ransomware Hits Mac OS X Users

This week Mac users were targeted by what is being called the first fully functional ransomware for Mac OS X.

Over the weekend when Mac users downloaded the long awaited version 2.90 of popular Bit Torrent client Transmission they got a little something extra, a new piece of malware called KeRanger. (more…)

Panda Blog R

Block-y Locky Ransomware with Panda Security

Last week a new strain of ransomware came to the fore, dubbed Locky because of the way it renames the file extension. Locky targets users via email attachments, which is often an invoice in a Microsoft Word document. Once the recipient downloads the file, if Office macros are enabled the malicious macro gets to work encrypting the user’s files. If macros are not enabled, the Word document will display a message prompting the user to enable macros in order to read the invoice.

Britain Beefs Up Cyber Security Measures

According to a recent report on Independent On-line (http://www.iol.co.za/scitech/technology/security) Britain is appealing to company investors and shareholders to adopt a “watchdog” role as a means of “beefing up” its cybersecurity. Rather than employing the more draconian US approach, which features mandatory reporting by companies subjected to cyber attacks, Britain is relying on those with vested interests to assist them in the management of such assaults.
The report suggests that 9 out of 10 British companies have “suffered a cyber breach in the past year” and, as such, the government is now viewing this problem as serious – so much so that it’s set aside £650m over the next four years to manage the situation.
However, despite the gravity of the circumstances and the increase in cyber threats, Britain has decided to place the responsibility squarely on the shoulders of company directors and investors. ”Fear of reputational damage” can be a powerful motivator!
Interestingly, the report suggests that in the main, the British government is wary of the US mandatory approach since it believes companies may risk withholding such information rather than face unwanted public scrutiny.
The topic has stirred up debate among those who prefer the mandatory approach, suggesting that it keeps organisations on their toes.
This pilot scheme is expected to run across a variety of different industry sectors.

Regulation must play catch up to fight cyber-crime scourge, say security experts

Today, 95% of malware is aimed at stealing passwords, which makes users who handle valuable information potential targets for cyber-criminals. Speakers at the second international Security Blogger Summit held in Madrid last Thursday expressed concern about this and the easy way in which malware is distributed as well as the difficulty to apprehend those responsible.

The roundtable, which included Kurt Wismer, renowned security opinion blogger, John Leyden, cyber-crime columnist for The Register, Marc Cortés, marketing expert and author of Interactividad.org and Javier Sanz, (ADSL Zone.net author) identified Eastern Europe and China as the main sources of malware, criticising governments’ lack of action in fighting this threat.

“Apart from the difficulty of arresting a hacker for illegal activities carried out outside of a country’s jurisdiction, there is the problem of actually making sure that a hacker’s virtual identity actually corresponds to that of the detainee,” explained Paloma Llaneza, a member of Spain’s National Cyber-Security Advisory Council.

Participants also commented on the speed of cyber-attacks and the lack of resources from authorities to stop them. “The law is always one step behind cyber-crooks and this prevents authorities from acting more swiftly,” explained Yago Jesús, blogger and author of SecurityByDefault.com.

Joseph Menn, an investigative journalist who has comprehensively covered security issues, indicated that even in countries like the United States there are laws dating back to the 1970s that are no longer capable of stopping present-day Internet attacks.

“There are many legal obstacles that make stopping these groups incredibly hard. If you are a hacker and operate in a country other than your own, it is very difficult to arrest you,” said Menn.

The scale of the problem is daunting. According to cyber-crime expert Brian Krebs, “Cyber-crime is becoming more and more similar to drug trafficking. These organisations are exclusively motivated by money and operate using pyramidal structures. Each group within the organisation has its own responsibilities: some develop malware, others identify banks to attack, and finally some others spread the malicious code.”

“The best thing would be to be able to demand some responsibility from private businesses and public institutions,” suggested Jesús while Krebs recommended drawing up a blacklist of non-recommended sites which he believes could prevent a huge number of attacks by warning users of websites that could infect them.

Krebs also explained the need to demand more responsibility from Internet Service Providers. “If we have laws in the United States that force Internet service providers to shut down Web pages that offer pirate music or video files within 48 hours, there should be similar laws for cyber-crime.”

Education, awareness and legal responsibility

Education and awareness issues were also discussed at the summit. Several participants spoke in favour of a common sense approach.

“Just as we lock the door after leaving our house or getting out of the car, we should do the same thing with the Internet,” said Alejandro Suárez, an influential Internet blogger in the Networks SL blogging network.

Marcelo Rivero, Infospyware.com’s author, echoed this: “We must be aware of what activities can lead to an infection and what cannot. Common sense is necessary to surf the Web.”

“Unfortunately, young people establish a communication channel that parents many times cannot advice them on. We should act on the Internet in exactly the same way as in real life in order to minimize risks,” added Rivero.