Information Security Breach Report – 04 February 2015

Written by SRM

4th February 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

Information Disclosure Vulnerability Found in HP UCMDB – http://www.securityweek.com/information-disclosure-vulnerability-found-hp-ucmdb

UMass Breach Could Expose 14,000 to Fraud – http://www.healthdatamanagement.com/news/UMass-breach-could-expose-14000-to-fraud-49724-1.html

XSS, XFS, Open Redirect Vulnerabilities Found on About.com – http://www.securityweek.com/xss-xfs-open-redirect-vulnerabilities-found-aboutcom

Dangerous IE vulnerability opens door to powerful phishing attacks – http://www.cio.com/article/2879374/dangerous-ie-vulnerability-opens-door-to-powerful-phishing-attacks.html

LinkedIn’s Data Breach Settlement Moves Forward – http://www.mediapost.com/publications/article/243054/linkedins-data-breach-settlement-moves-forward.html

Millions of Android users at risk from adware, secretly lurking inside Google Play apps – http://grahamcluley.com/2015/02/android-adware-risk/

 

Miscellaneous Infosec stories:

Vulnerability of operational technology is a ticking time bomb – http://cio.economictimes.indiatimes.com/news/digital-security/vulnerability-of-operational-technology-is-a-ticking-time-bomb/46109136

Hey, Gmail me that cash you owe – http://www.bbc.co.uk/newsbeat/31092995

Lost chunk of pioneering Edsac computer found – http://www.bbc.co.uk/news/technology-31100014

BLETCHLEY PARK: Alan Turing’s notes found being used as roof insulation in Hut 6 at Bletchley Park – http://www.mkweb.co.uk/pictures/8203-BLETCHLEY-PARK-Alan-Turing-s-notes-used-roof/pictures-25966005-detail/pictures.html

Is cyber-insurance an enterprise essential in a data breach age? – http://diginomica.com/2015/02/03/cyber-insurance-enterprise-essential-data-breach-age/

Visa on Unique EMV Challenges in U.S. – http://www.inforisktoday.co.uk/interviews/visa-on-unique-emv-challenges-in-us-i-2564

Universities: Prime Breach Targets – http://www.databreachtoday.com/universities-prime-breach-targets-a-7865

Security Seen as Top Obstacle to Success in Application Economy: Report – http://www.securityweek.com/security-seen-top-obstacle-success-application-economy-report

FBI put Anonymous ‘hacktivist’ Jeremy Hammond on terrorism watchlist – http://www.theguardian.com/us-news/2015/feb/02/fbi-anonymous-hacktivist-jeremy-hammond-terrorism-watchlist

Inside the prison system’s illicit digital world – http://fusion.net/story/41931/inside-the-prison-systems-illicit-digital-world/

Modeling tools lets insurers write data breach risk ‘with more confidence,’ Willis Re says – http://www.canadianunderwriter.ca/news/modeling-tools-lets-insurers-write-data-breach-risk-with-more-confidence-willis-re-says/1003461098/?&er=NA

APTs Not Always as Advanced as You May Think: Sophos – http://www.securityweek.com/apts-not-always-advanced-you-may-think-sophos

 

Tools, Tips and How it’s done:

Five questions every board should ask after Sony Pictures breach – http://www.computerweekly.com/news/2240239361/Five-questions-every-board-should-ask-after-Sony-Pictures-breach

Creative Evasion Technique Against Website Firewalls – http://blog.sucuri.net/2015/02/creative-evasion-technique-against-website-firewalls.html

Data Breach Aftermath – http://beforeitsnews.com/crime-all-stars/2015/02/data-breach-aftermath-2452050.html

How to Avoid Becoming a Victim of the Next Big Box Security Breach – http://www.mainstreet.com/article/how-to-avoid-becoming-a-victim-of-the-next-big-box-security-breach

Facial recognition technology: How well does it work? – http://www.bbc.co.uk/news/technology-31112604

Worlds Biggest Data Breaches – http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

Account Security 101: Passwords, Multifactor, Social Engineering, and You – http://www.gamersagainstgamergate.com/crash-override-network-account-security-101-passwords-multifactor-social-engineering/

How to build threat intelligence for your business by creating a honeynet – http://www.techradar.com/news/world-of-tech/how-to-build-threat-intelligence-for-your-business-by-creating-a-honeynet-1283368

How a penetration test helps you meet PCI compliance guidelines – http://www.net-security.org/article.php?id=2213&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

Your Best Hacker Defence … Revealed – http://resources.infosecinstitute.com/best-hacker-defense-revealed/

The worst of the worst phishing scams – http://www.csoonline.com/article/2879028/social-engineering/the-worst-of-the-worst-phishing-scams.html#tk.rss_all

How corporate spies access your company’s secrets – http://www.csoonline.com/article/2879496/cyber-attacks-espionage/how-corporate-spies-access-your-companys-secrets.html#tk.rss_all

2014 Top Security Tools – http://www.toolswatch.org/2015/01/2014-top-security-tools-as-voted-by-toolswatch-org-readers/

How to Hack an ADT Alarm System – http://ipvm.com/report/hack-adt-alarm-system

 

Miscellaneous Privacy stories:

Abuse of health data deserves JAIL, thunders ethics body – http://www.theregister.co.uk/2015/02/03/jail_health_data_abusers_nuffield_council_bioethics/

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

 

You can see all previous issues of this blog at http://blog.srm-solutions.com/ or www.jonfisherthoughts.co.uk

My LinkedIn profile is uk.linkedin.com/in/jonfisher99/