SRM Solutions
The SRM Blog

Information Security Breach Report – 02 June 2015

Written by SRM

2nd June 2015

A roundup of the most recent reports of information security breaches, infosec and privacy stories from around the world.

Breaches, Incidents and Alerts:

Angler Exploit Kit Loads Up CryptoWall 3.0, Flash Flaw – http://www.infosecurity-magazine.com/news/angler-exploit-kit-loads-up/

Blue Coat Fixes Several Flaws in SSL Visibility Appliance – http://www.securityweek.com/blue-coat-fixes-several-flaws-ssl-visibility-appliance?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Over 1,000 Vietnamese websites hacked by Chinese during weekend: report – http://www.thanhniennews.com/tech/over-1000-vietnamese-websites-hacked-by-chinese-during-weekend-report-45148.html

DYRE Banking Malware Upsurges; Europe and North America Most Affected – http://blog.trendmicro.com/trendlabs-security-intelligence/old-banking-malware-resurfaces-europe-north-america-most-affected/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29

Now Twitter and Snapchat get stung by the iPhone text crash – http://www.hotforsecurity.com/blog/now-twitter-and-snapchat-get-stung-by-the-iphone-text-crash-11888.html

Grabit Espionage Campaign Steals Thousands of Files From SMBs – http://www.eweek.com/security/grabit-espionage-campaign-steals-thousands-of-files-from-smbs.html

eBay bug turns phishing email links into malware-stuffed booby prizes – http://www.theregister.co.uk/2015/05/23/beware_forms_that_arent_ebay_hit_by_serious_security_problem/

Sally Beauty: Cybercriminals Planted Malware on PoS Systems for 6 Weeks – http://www.securityweek.com/sally-beauty-cybercriminals-planted-malware-pos-systems-6-weeks?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

More than 60 undisclosed vulnerabilities affect 22 SOHO routers – http://seclists.org/fulldisclosure/2015/May/129

Miscellaneous Infosec stories:

Tackling the human problem of security – http://www.itnews.com.au/Feature/404650,tackling-the-human-problem-of-security.aspx?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+

Business Risks Associated With Data Breaches – http://www.addrenal.com/groups/business-risks-associated-with-data-breaches/

Retail sector falling short in customer data protection – http://www.itproportal.com/2015/05/30/retail-sector-falling-short-customer-data-protection/

On Reflection: Don’t bring cyber crime in through the back door – http://www.windpowermonthly.com/article/1349274/reflection-dont-bring-cyber-crime-back-door

Number of Botnet-Powered DDoS Attacks Dropped in Q1: Kaspersky – http://www.securityweek.com/number-botnet-powered-ddos-attacks-dropped-q1-kaspersky?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

How a hack on Prince Philip’s Prestel account led to UK computer law – http://www.theregister.co.uk/2015/03/26/prestel_hack_anniversary_prince_philip_computer_misuse/

UAE firms targeted by cyber spying – http://gulfnews.com/business/sectors/technology/uae-firms-targeted-by-cyber-spying-1.1527377

CESG launch new Certified Cyber Security Consultancy scheme for government and industry – http://www.gchq.gov.uk/press_and_media/press_releases/Pages/CESG-launch-new-Certified-Cyber-Consultancy-scheme.aspx

Surfing porn, downloading apps: Employees ignore obvious cyber risks at work – http://www.firstpost.com/business/surfing-porn-downloading-apps-employees-ignore-obvious-cyber-risks-work-2274786.html

Protecting banks from the coming data breach liability storm – http://www.easier.com/130347-protecting-banks-from-the-coming-data-breach-liability-storm.html

Tools, Tips and How it’s done:

The cyber security expert Michael Fratello has made a detailed analysis of the locker ransomware that implements a unique delivery mechanism – http://securityaffairs.co/wordpress/37325/malware/locker-ransomware-analysis.html

Ensuring U.S. Air Force Operations During Cyber Attacks Against Combat Support Systems – http://www.rand.org/pubs/research_reports/RR620.html

10 Rules for Writing Safety Critical Code – http://spinroot.com/p10/

Malvertising Assaults Result in Attack Toolkit Magnitude and Ransomware says Zscaler – http://securitynewswire.com/latestsecuritynews/mobile_article.php?title=Malvertising_Assaults_Result_in_Attack_Toolkit_Magnitude_and_Ransomware_says_Zscaler

Technical analysis of Hola vulnerabilities enabling cyber attacks – http://blog.vectranetworks.com/blog/technical-analysis-of-hola

The vulnerable Border Gateway protocol, a quick-fix solution from 1989, still directs most internet traffic – http://www.washingtonpost.com/sf/business/2015/05/31/net-of-insecurity-part-2/

5 things you need to do to maintain your professional online hygiene – https://www.linkedin.com/pulse/5-things-you-need-do-maintain-your-professional-online-yotam-gutman

Shady Ad Network Using “Camo Sites” – https://www.bluecoat.com/security-blog/2015-05-30/shady-ad-network-using-camo-sites

The Importance of Operational Security and User Education – http://securityaffairs.co/wordpress/37368/security/operational-securit-user-education.html

What enterprise should do when helpless employees lose hope in fighting cyber attacks – http://www.networksasia.net/article/what-enterprise-should-do-when-helpless-employees-lose-hope-fighting-cyber-attacks

Miscellaneous Privacy stories:

Why you shouldn’t worry about privacy and security on your phone – https://nakedsecurity.sophos.com/2015/06/02/why-you-shouldnt-worry-about-privacy-and-security-on-your-phone/

Lower Merion School District explains the 56,000 Webcamgate shots – http://www.forbes.com/sites/kashmirhill/2010/04/22/lower-merion-school-district-explains-the-56000-webcamgate-shots/

Haunted by a stranger who stole my life online – http://www.dailymail.co.uk/femail/article-3105080/Haunted-stranger-stole-life-online-imposter-used-executive-s-photos-create-fantasy-life-duped-falling-fake-woman.html

Jennifer Newman: What employers look for when checking your Facebook, LinkedIn – http://www.cbc.ca/news/canada/british-columbia/jennifer-newman-what-employers-look-for-when-checking-your-facebook-linkedin-1.3094131

Unmasking hidden Tor service users is too easy, say infosec bods – http://www.theregister.co.uk/2015/05/30/researchers_claim_tracking_hidden_tor_services_is_easy/

Data breach liability: confidentiality vs. privacy – http://www.databreaches.net/data-breach-liability-confidentiality-vs-privacy/

Safeguarding Children and School E-Safety stories:

Filmed on Skype… the chilling exchange between reporter posing as a child and Islamic State fighter from London – http://www.dailymail.co.uk/news/article-3094448/Filmed-Skype-chilling-exchange-reporter-posing-child-Islamic-State-fighter-London-told-pick-going-picking-wife.html

Internet celebrities speak out against cyber bullying – http://www.3news.co.nz/nznews/internet-celebrities-speak-out-against-cyber-bullying-2015053115#axzz3bvBj1eI1

Students make lecturers life a ‘misery’ – http://m.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=11458573

Whose privacy matters most? – http://www.csoonline.com/article/2928700/privacy/whose-privacy-matters-most.html#tk.rss_all

If you would like this report sent direct to your inbox, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/ or www.jonfisherthoughts.co.uk

My LinkedIn profile is uk.linkedin.com/in/jonfisher99/