Call us on 03450 21 21 51

SRM Solutions
The SRM Blog

Information Security Breach Report – 06 March 2015

Written by SRM

6th March 2015

Share this article

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

University of Limerick Hit With Data Breach – http://www.hacksurfer.com/posts/university-of-limerick-hit-with-data-breach

Stop the presses: HTTPS-crippling “FREAK” bug affects Windows after all – http://arstechnica.com/security/2015/03/stop-the-presses-https-crippling-freak-bug-affects-windows-after-all/

Fare dodger who forged his own fake first class train tickets at home using a computer is ordered to pay back £17,000 – or go to prison for a year – http://www.dailymail.co.uk/news/article-2981229/Fare-dodger-forged-fake-class-train-tickets-home-using-computer-ordered-pay-17-000-prison-year.html

Lawsky Warns Pioneer Savings Bank Customers of Breach – http://www.americanbanker.com/news/bank-technology/lawsky-warns-pioneer-savings-bank-customers-of-breach-1073123-1.html

Try WhatsApp Calling; a new social engineering scam propagated on WhatsApp – http://www.pangamers.com/tech-news/try-whatsapp-calling-a-new-social-engineering-scam-propagated-on-whatsapp/

Death threat issued in bogus tech support call – http://www.bbc.co.uk/news/technology-31748589

Data breach investigation – http://www.limerickpost.ie/2015/03/04/data-breach-investigation/

Attackers clone malware-laden copies of popular apps – http://www.csoonline.com/article/2892017/malware-cybercrime/attackers-have-cloned-malware-laden-copies-of-the-most-popular-apps-your-employees-use.html#tk.rss_all

Chip Equipment Firm ASML Suffers Data Breach – http://www.securityweek.com/chip-equipment-firm-asml-suffers-data-breach

GAO Sees FAA Air Traffic System at Risk – http://www.inforisktoday.com/gao-sees-faa-air-traffic-system-at-risk-a-7970

 

Miscellaneous Infosec stories:

Why Online Attacks By Nations Are Problematic: Enemies Can Learn From Your Digital Weapons, Then Turn Improved Versions Against You – https://www.techdirt.com/articles/20150212/07481530002/why-online-attacks-nations-are-problematic-enemies-can-learn-your-digital-weapons-then-turn-improved-versions-against-you.shtml

Adobe invites help hunting vulnerabilities in its online services – http://www.csoonline.com/article/2893320/security/adobe-invites-help-hunting-vulnerabilities-in-its-online-services.html#tk.rss_all

The Failed Attempt to Destroy GPS – http://www.theatlantic.com/technology/archive/2015/03/the-failed-attempt-to-destroy-early-gps/386656/?single_page=true

BSides Austin & #SXSW2015: The Internet of Things, Privacy & What’s Next in InfoSec – https://community.rapid7.com/community/infosec/blog/2015/03/05/internet-of-things-privacy-whats-next-in-infosec-at-sxsw-2015

Mozilla to Introduce New Certificate Revocation Feature in Firefox 37 – http://www.securityweek.com/mozilla-introduce-new-certificate-revocation-feature-firefox-37

OpenDNS Uses Natural Language Processing to Detect APTs – http://www.securityweek.com/opendns-uses-natural-language-processing-detect-apts

How Unsafe Was Hillary Clinton’s Secret Staff Email System? – http://gawker.com/how-unsafe-was-hillary-clintons-secret-staff-email-syst-1689393042

Emerging cyberthreats exploit battle between compliance and security – http://searchsecurity.techtarget.com/news/2240241776/Emerging-cyberthreats-exploit-battle-between-compliance-and-security

38,000 cyber fraud cases reported in four years: Government – http://cio.economictimes.indiatimes.com/news/digital-security/38000-cyber-fraud-cases-reported-in-four-years-government/46465242

When Fraud and Security Converge – http://www.databreachtoday.com/interviews/when-fraud-security-converge-i-2596

Don’t delegate cyber risk management responsibility – http://www.bankingtech.com/281572/dont-delegate-cyber-risk-management-responsibility/

 

Tools, Tips and How it’s done:

Banking cyber thieves may be too slick for their own good – https://newsdaily.com/2015/03/banking-cyber-thieves-may-be-too-slick-for-their-own-good/

The man who posted himself to Australia – http://www.bbc.co.uk/news/magazine-31700049

5 steps to incorporate threat intelligence into your security awareness program – http://www.csoonline.com/article/2892417/security-awareness/5-steps-to-incorporate-threat-intelligence-into-your-security-awareness-program.html#tk.rss_all

Protect Your Practice Data Against a Breach – http://www.physicianspractice.com/ehr/protect-your-practice-data-against-breach

Principles of effective cyber security risk management – https://www.gov.uk/government/publications/principles-of-effective-cyber-security-risk-management

Why You Should Not Use The New Smartphone Fingerprint Readers – http://www.forbes.com/sites/josephsteinberg/2015/03/05/why-you-should-not-use-the-new-smartphone-fingerprint-readers/

A Company’s Data Breach Obligations: The Anthem Example – http://www.thelegalintelligencer.com/home/id=1202719724495/A-Companys-Data-Breach-Obligations-The-Anthem-Example?mcode=1202615324341&curindex=0&slreturn=20150206032715

Top 3 Takeaways from the “Planning for Failure: How to Succeed at Detecting Intruders on your Network” Webcast – https://community.rapid7.com/community/userinsight/blog/2015/03/05/top-3-takeaways-from-the-planning-for-failure-how-to-succeed-at-detecting-intruders-on-your-network-webcast

INTRODUCTION TO MALWARE – SOCIAL ENGINEERING – http://www.securitytube.net/video/12586

What damage does social engineering really cause anyway? – http://www.social-engineer.org/general-blog/what-damage-does-social-engineering-really-cause-anyway/

Bit9 CEO on Data Breach Defense – http://www.inforisktoday.com/interviews/bit9-ceo-on-data-breach-defense-i-2597

DARPA is working on Cognitive Fingerprints authentication process to validate the user identity through the use of software based biometrics. – http://securityaffairs.co/wordpress/34372/digital-id/cognitive-fingerprints-authentication.html

Data Security Is A ‘Lifecycle’ Commitment – http://www.forbes.com/sites/teradata/2015/03/03/data-security-is-a-lifecycle-commitment/

IT Pros More Concerned About Employees Than Hackers: Survey – http://www.securityweek.com/it-pros-more-concerned-about-employees-hackers-survey

 

Miscellaneous Privacy stories:

The Singapore-based company AdNear is using a fleet of commercial drones to determine users’ location and deliver hyper-targeted ads. – http://securityaffairs.co/wordpress/34476/digital-id/drones-advertizing-spying.html

 

Safeguarding Children and School E-Safety stories:

Burnbook App Under Fire for Allegedly Exposing Kids to Cyberbullying – http://abcnews.go.com/GMA/video/burnbook-app-fire-allegedly-exposing-kids-cyberbullying-29407253

Applause for Children’s e-Safety Commissioner plan – http://www.sbs.com.au/news/article/2015/03/06/applause-childrens-e-safety-commissioner-plan

Teenage victim warns others after internet grooming – http://www.dorset.police.uk/default.aspx?page=3644

Facebook is a ‘major location for online child sexual grooming’, head of child protection agency says – http://www.telegraph.co.uk/technology/facebook/10380631/Facebook-is-a-major-location-for-online-child-sexual-grooming-head-of-child-protection-agency-says.html

Facebook allows teenagers to share status updates with the world – http://www.telegraph.co.uk/technology/facebook/10386401/Facebook-allows-teenagers-to-share-status-updates-with-the-world.html

Oxfordshire grooming victims may have totalled 373 children – http://www.bbc.co.uk/news/uk-england-oxfordshire-31643791

Block The Web Monsters – West Yorkshire Police Cyber Crime Week – http://www.westyorkshire.police.uk/blockthewebmonsters

Facebook groomer Jason Storm tried to get 14-year-old to send him explicit pictures – http://www.cambridge-news.co.uk/Facebook-groomer-Jason-Storm-tried-14-year-old/story-26095287-detail/story.html

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/