
SRM Solutions
The SRM Blog

Information Security Breach Report – 10 March 2015

Written by SRM

10th March 2015


A round-up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

Breaches, Incidents and Alerts:

“Rowhammer” Flaw in DRAM Allows Privilege Escalation: Researchers – http://www.securityweek.com/%E2%80%9Crowhammer%E2%80%9D-flaw-dram-allows-privilege-escalation-researchers

iOS 8.2 stops attackers being able to restart your iPhone with a malicious Flash SMS – https://grahamcluley.com/2015/03/ios-8-2-stops-attackers-being-able-to-restart-your-iphone-with-a-malicious-flash-sms/

Stolen customer data sent to AAFES – http://www.militarytimes.com/story/military/2015/03/09/customer-data-sent-to-aafes-in-breach/24662121/

Credit card breach at Zoup soup, and possibly more restaurants to come – http://www.consumeraffairs.com/news/credit-card-breach-at-zoup-soup-and-possibly-more-restaurants-to-come-030915.html

ODE investigating alleged data breach at Lowellville schools – http://wkbn.com/2015/03/09/ode-investigating-alleged-data-breach-at-lowellville-schools/

XML Files Used to Distribute Dridex Banking Trojan – http://www.securityweek.com/xml-files-used-distribute-dridex-banking-trojan

Cyber attacks thwarted Florida online tests on Thursday, education leaders say – http://www.orlandosentinel.com/features/education/os-cyber-attacks-fsa-testing-20150309-story.html

State DOE: ‘cyber attacks’ responsible for FSA issues – http://www.news-press.com/story/news/education/2015/03/09/fsa-testing-cyber-attacks-fdle/24662619/

FBI investigating apparent ISIS defacements on Western websites – http://securityaffairs.co/wordpress/34637/hacking/fbi-investigating-alleged-isis-attacks.html

Security Advisory: MainWP-Child WordPress Plugin – http://blog.sucuri.net/2015/03/security-advisory-mainwp-child-wordpress-plugin.html

Australian Government Prosecuting Anonymous Member Who Allegedly Exposed The Major Flaw In Its Data Retention Demands – https://www.techdirt.com/articles/20150308/16030230255/australian-government-prosecuting-anonymous-member-who-allegedly-exposed-major-flaw-its-data-retention-demands.shtml

Hacking home networks by compromising a Nest thermostat – http://securityaffairs.co/wordpress/34576/hacking/hacking-nest-home-networks.html

 

Miscellaneous Infosec stories:

Smart Luggage for the Connected Age – http://www.nytimes.com/2015/03/10/business/smart-luggage-for-the-connected-age.html

R.E.S.P.E.C.T.: The way for CISOs to get and keep it – http://www.csoonline.com/article/2894037/security-leadership/r-e-s-p-e-c-t-the-way-for-cisos-to-get-and-keep-it.html#tk.rss_all

Government unveils cyber security initiatives for National Apprenticeship Week – http://www.computerweekly.com/news/2240241968/Government-unveils-cyber-security-initiatives-for-National-Apprenticeship-Week

Data Breach Explosions – Boom Clap – The Breach Goes On and On and On and On and – http://blog.vormetric.com/2015/03/09/data-breach-explosions-boom-clap-breach-goes/

What Would Sherlock Holmes Say About Today’s Data Breaches? – http://www.informationsecuritybuzz.com/what-would-sherlock-holmes-say-about-todays-data-breaches/

Why Israel could be the next cybersecurity world power – http://www.csoonline.com/article/2893304/data-protection/why-israel-could-be-the-next-cybersecurity-world-power.html#tk.rss_all

Shortage of security pros worsens – http://www.csoonline.com/article/2894377/infosec-staffing/shortage-of-security-pros-worsens.html#tk.rss_all

Dead Drops: what to do if you see a USB stick sticking out of a wall – http://www.theguardian.com/artanddesign/shortcuts/2015/mar/08/dead-drops-what-to-do-if-you-see-a-usb-stick-sticking-out-of-a-wall

‘If cloud existed decades ago, backups wouldn’t have been developed’ – http://www.theregister.co.uk/2015/03/08/quotw_ending_6_march/

Expert analysis on the fight against cyber-crime – http://www.itproportal.com/2015/03/08/expert-analysis-fight-against-cyber-crime/

 

Tools, Tips and How it’s done:

Avoiding Social Engineering and Phishing Attacks – https://www.us-cert.gov/ncas/tips/ST04-014

Techniques, Lures, and Tactics to Counter Social Engineering Attacks – http://www.darkreading.com/partner-perspectives/intel/techniques-lures-and-tactics-to-counter-social-engineering-attacks-/a/d-id/1319401

Very effective Social Engineering Scams – http://www.examiner.com/article/very-effective-social-engineering-scams

The Security Download: Anticipating Cyberattacks with Machine Learning – http://blogs.wsj.com/cio/2015/03/09/the-security-download-anticipating-cyberattacks-with-machine-learning/

Second Look: Data Security In A Hybrid Cloud – http://www.darkreading.com/cloud/second-look-data-security-in-a-hybrid-cloud/a/d-id/1319386

What does the collaborative economy mean for information security? – http://www.csoonline.com/article/2893768/security-leadership/what-does-the-collaborative-economy-mean-for-information-security.html#tk.rss_all

 

Miscellaneous Privacy stories:

MPs ‘alarmed’ by millions of mugshots on Brit cops’ databases – http://www.theregister.co.uk/2015/03/10/parliament_sci_tech_committee_alarmed_millions_mugshots_police_databases/

 

Safeguarding Children and School E-Safety stories:

Schoolgirl’s 14-hour police cell ordeal after being accused of bomb hoax ‘that was made by teaching assistant’ – http://www.dailymail.co.uk/news/article-2986087/Schoolgirl-16-arrested-held-police-14-hours-teaching-assistant-used-email-account-make-bomb-threat-against-secondary-school.html

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/ or www.jonfisherthoughts.co.uk

My LinkedIn profile is uk.linkedin.com/in/jonfisher99/