
SRM Solutions
The SRM Blog

Information Security Breach Report – 03 March 2015

Written by SRM

3rd March 2015


A round-up of the most recent reports of information security breaches, infosec and privacy stories from around the world.


Breaches, Incidents and Alerts:

The top software exploit of 2014? The Stuxnet XP flaw from 2010, reckons HP – http://www.csoonline.com/article/2888040/cyber-attacks-espionage/the-top-software-exploit-of-2014-the-stuxnet-xp-flaw-from-2010-reckons-hp.html#tk.rss_all

PHI Data Breaches Increase 25% in 2014 – http://healthitsecurity.com/2015/02/24/phi-data-breaches-increase-25-in-2014-says-redspin-report/

Critical Vulnerability Found in Samba Interoperability Suite – http://www.securityweek.com/critical-vulnerability-found-samba-interoperability-suite

Parking ticket data breach for tens of thousands – http://www.bitterwallet.com/parking-ticket-data-breach-for-tens-of-thousands/83678

Hackers Steal Trading Algorithms – http://www.databreachtoday.com/hackers-steal-trading-algorithms-a-7949

More than 1 Million WordPress websites are vulnerable to blind SQL Injection Attacks – http://securityaffairs.co/wordpress/34144/hacking/1-million-wordpress-websites-vulnerable.html

Lenovo confirms China cyber attack – http://www.ft.com/fastft/283333/lenovo-confirms-cyber-attack

Lenovo’s website hijacked (briefly) by High School Musical-loving hackers – http://grahamcluley.com/2015/02/lenovo-website-hijacked/

TurboTax not doing enough to guard against ID theft – http://www.komonews.com/news/local/Insider-TurboTax-not-doing-enough-to-guard-against-ID-theft-294138211.html

Scammers Prescreen Victims for Tech Support Scams via Twitter and Phone – http://www.infosecdailynews.com/scammers-prescreen-victims-for-tech-support-scams-via-twitter-and-phone/

Seagate Business NAS Flaws Allow Remote Code Execution: Researchers – http://www.securityweek.com/seagate-business-nas-flaws-allow-remote-code-execution-researchers

Data breach from University of Limerick student village – http://www.limerickleader.ie/news/business/business-news/data-breach-from-university-of-limerick-student-village-1-6606392


Miscellaneous Infosec stories:

Google Enhances Safe Browsing in Chrome, Search – http://www.securityweek.com/google-enhances-safe-browsing-chrome-search

Milpitas-based FireEye mans the front line in fight against cyberattacks – http://www.chicoer.com/business/20150224/milpitas-based-fireeye-mans-the-front-line-in-fight-against-cyberattacks

96% say ISO 27001 is important for improving security defences – http://www.net-security.org/secworld.php?id=17987&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

Business Services, Retail Saw The Most Online Security Breaches In 2014 – http://techcrunch.com/2015/02/24/fireeye-security-breaches-2014/

FIRMS TO COMBAT LARGE SCALE CYBER-ATTACKS BY 2018 – http://www.cbronline.com/news/security/firms-to-combat-large-scale-cyber-attacks-by-2018-4518751

Business disruption cyber attacks set to spur defence plans, says Gartner – http://www.computerweekly.com/news/2240241129/Business-disruption-cyber-attacks-set-to-spur-defence-plans-says-Gartner

AETs: The Ultimate Stealth Attack? – http://www.securityweek.com/aets-ultimate-stealth-attack?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Responsible Disclosure: Cyber Security Ethics – http://www.csoonline.com/article/2889357/security0/responsible-disclosure-cyber-security-ethics.html#tk.rss_all

Facebook launches new suicide prevention tool in the US – http://www.bbc.co.uk/newsbeat/31641216

Cyber thugs taking data hostage – http://phys.org/news/2015-02-cyber-thugs-hostage.html

Firefox 36 swats bugs, adds HTTP2 and gets certifiably serious – http://www.theregister.co.uk/2015/02/26/mozilla_swats_17_bugs_in_firefox_36/

MI National Guard to Fight Cyber Attacks – http://www.wilx.com/home/headlines/MI-National-Guard-to-Fight-Cyber-Attacks–294111541.html

Companies turn to IT security firms to protect data – http://cio.economictimes.indiatimes.com/news/digital-security/companies-turn-to-it-security-firms-to-protect-data/46377209

BlackBerry working with Google to secure Android devices – http://zeenews.india.com/business/news/technology/blackberry-working-with-google-to-secure-android-devices_119561.html

Who ‘owns’ an investigation into a security breach? – http://www.csoonline.com/article/2889191/data-breach/who-owns-an-investigation.html

Fingerprint sensor revealed by Qualcomm at MWC – http://www.bbc.co.uk/news/technology-31692988


Tools, Tips and How it’s done:

Endpoint Security Makes Quantum Shift: Part 1 – http://www.countertack.com/blog/endpoint-security-makes-quantum-shift-part-1

File Sharing: How to Minimize Risks – http://www.databreachtoday.co.uk/file-sharing-how-to-minimize-risks-a-7944

Why Websites Get Hacked – http://blog.sucuri.net/2015/02/why-websites-get-hacked.html

Hacking the hackers : A cyber resilience approach – http://securityaffairs.co/wordpress/34302/hacking/hacking-cyber-resilience-approach.html

NATO: Defending against the known unknowns – http://www.scmagazineuk.com/nato-defending-agains-the-known-unknowns/article/400190/


Miscellaneous Privacy stories:

R2K: Spy cables leak a double-edged sword – http://www.news24.com/SouthAfrica/News/R2K-Spy-cables-leak-a-double-edged-sword-20150224 and http://www.sowetanlive.co.za/news/2015/02/24/spy-info-leak-an-embarrassment-maimane

Privacy is at a crossroads. Choose wisely – https://medium.com/@yegg/privacy-is-at-a-crossroads-choose-wisely-96bac0644ec1

Majority of health sites send troves of data about your medical searches to third-party companies – http://motherboard.vice.com/read/looking-up-symptoms-online-these-companies-are-collecting-your-data

Google AdSense Sends Publishers Policy Breach Notice Over PII – https://www.seroundtable.com/google-adsense-policy-breach-notice-pii-19937.html

Would you trust ‘spyproof’ mobes made in Putin’s Russia? – http://www.theregister.co.uk/2015/03/02/russian_blackphone_prototype_taigaphone/

Surveillance Software Company Gamma Found To Have Violated Human Rights; Receives Unprecedented Slap On The Wrist – https://www.techdirt.com/articles/20150227/07063130160/surveillance-software-company-gamma-found-to-have-violated-human-rights-receives-unprecedented-slap-wrist.shtml

Companies should prepare for the EU’s forthcoming Data Protection Regulation – http://www.euractiv.com/sections/infosociety/companies-should-prepare-eus-forthcoming-data-protection-regulation-312487


If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My LinkedIn profile is uk.linkedin.com/in/jonfisher99/