Call us on 03450 21 21 51

SRM Solutions
The SRM Blog

Information Security Breach Report – 13 March 2015

Written by SRM

13th March 2015

Share this article

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

A new Facebook Worm exploits multiple cloud services – http://securityaffairs.co/wordpress/34835/malware/facebook-worm-kilim.html

Achievement Locked: New Crypto-Ransomware Pwns Video Gamers – http://labs.bromium.com/2015/03/12/achievement-locked-new-crypto-ransomware-pwns-video-gamers/

VMware activates AirWatch MDM fail removal plan – http://www.theregister.co.uk/2015/03/13/vmware_updates_broken_mdm_agent/

Adobe Fixes Critical Flash Player Vulnerabilities – http://www.securityweek.com/adobe-fixes-critical-flash-player-vulnerabilities

Google tells world where Apps users live after WHOIS SNAFU – http://www.theregister.co.uk/2015/03/13/cisco_googleapps_whois/

Forget viruses: Evil USB drive ‘fries laptops with a power surge’ – http://www.theregister.co.uk/2015/03/12/usb_drive_fry_your_laptop/

Nordea Phishing Campaign Continues – https://www.f-secure.com/weblog/archives/00002797.html

Dropbox Patches Remotely Exploitable Vulnerability in SDK – https://threatpost.com/dropbox-patches-remotely-exploitable-vulnerability-in-sdk/111587

EquationDrug, the hacking platform of the Equation Group APT – http://securityaffairs.co/wordpress/34769/intelligence/equationdrug-platform-equation-group.html

Google Fixes Privilege Escalation Vulnerabilities in Android 5.1 Lollipop – http://www.securityweek.com/google-fixes-privilege-escalation-vulnerabilities-android-51-lollipop

 

Miscellaneous Infosec stories:

Hurry shipmates – the black hats have hacked our fire control system – http://www.theregister.co.uk/2015/03/13/infosec_uk_young_govt_infrastructure_cyber_attack/

Apple Watch worries security advocates – http://www.csoonline.com/article/2895955/mobile-security/apple-watch-worries-security-advocates.html#tk.rss_all

Banking Trojans decline, but financial malware threat persists – http://searchfinancialsecurity.techtarget.com/news/2240242212/Banking-Trojans-decline-but-financial-malware-threat-persists

Obama Administration Proposes Giving Courts More Power to Issue Botnet Injunctions – http://www.securityweek.com/obama-administration-proposes-giving-courts-more-power-issue-botnet-injunctions?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Is your heartbeat the key to secure banking? – http://www.bbc.co.uk/news/business-31837865

Verizon: Breaches Under-Reported Globally – http://www.databreachtoday.co.uk/verizon-breaches-are-pervasive-wordwide-a-8006

IT Security Pros Feeling the Pressure to Protect Their Environments – http://www.securityweek.com/it-security-pros-feeling-pressure-protect-their-environments

ECIPS – SKYPE HOSTS ID THEFT FAKE ACCOUNTS – http://securityaffairs.co/wordpress/34787/cyber-crime/ecips-skype-id-theft.html

UK call centre linked to ‘millions’ of nuisance robo-calls raided by ICO – http://www.theregister.co.uk/2015/03/12/nuisance_call_ico_raids_call_centre/

 

Tools, Tips and How it’s done:

8 steps successful security leaders follow to drive improvement – http://www.csoonline.com/article/2895341/security-leadership/8-steps-successful-security-leaders-follow-to-drive-improvement.html#tk.rss_all

‘Get your privacy policy down to one page’: AVG CEO throws glove down – http://www.theregister.co.uk/2015/03/13/avg_ceo_speaks_out_on_surveillance_scams_security/

Know What Hackers Know: HP Cyber Risk Report 2015 – http://www.securityweek.com/know-what-hackers-know-hp-cyber-risk-report-2015?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Short URL Security for Mobile Devices – http://www.solutionary.com/resource-center/blog/2015/03/short-url-security/

Rooting the Transcend WiFi SD card – https://gist.github.com/deckar01/6d9b76bdef21eaab0568

Inside the largest ever UK cyber-terror simulation – http://www.bbc.co.uk/newsbeat/31856831

Why Medical Data Is Vulnerable — And Valuable — To Cybercriminal – http://www.forbes.com/sites/teradata/2015/03/12/why-medical-data-is-vulnerable-and-valuable-to-cybercriminals/

Why CISOs Need a Security Manifesto – http://www.securityweek.com/why-cisos-need-security-manifesto

Introducing dnsdist: DNS, abuse- and DoS-aware query distribution for optimal performance – http://blog.powerdns.com/2015/03/11/introducing-dnsdist-dns-abuse-and-dos-aware-query-distribution-for-optimal-performance/

 

Miscellaneous Privacy stories:

‘It should be named Eavesdropping Barbie’: Privacy campaigners call for Mattel to scrap its new Wi-Fi-enabled doll which can record conversations with children – http://www.dailymail.co.uk/femail/article-2990370/Privacy-campaigners-call-Mattel-scrap-new-Wi-Fi-enabled-Barbie-record-conversations-children.html

Report Says UK Citizens Must Give Up Right To Privacy Because ‘Terrorism’, Reveals Huge Secret Government Databases – https://www.techdirt.com/articles/20150312/09283830302/report-says-uk-citizens-must-give-up-right-to-privacy-because-terrorism-reveals-huge-secret-government-databases.shtml

Ecuador Requires Hotels, Pubs, Clubs, Dance Halls And Massage Parlours To Store CCTV Footage Of Their Public Areas For Six Months – https://www.techdirt.com/articles/20150308/08141230250/ecuador-requires-hotels-pubs-clubs-dance-halls-massage-parlors-to-store-cctv-footage-their-public-areas-six-months.shtml

UK’s online spying habits are legal but require overhaul, says government – http://www.theverge.com/2015/3/12/8198785/gchq-mass-surveillance-isc-report-2015

Security: How to Get Management Buy-In – http://www.inforisktoday.co.uk/security-how-to-get-management-buy-in-a-8002

Hey Siri, How Come Strangers Are Listening To My Private Messages? – http://www.tripwire.com/state-of-security/security-awareness/siri-privacy/

 

Safeguarding Children and School E-Safety stories:

After Schilling cyber-bullying, local expert offers advice for parents – http://www.azfamily.com/story/28419080/after-schilling-cyber-bullying-local-expert-offers-advice-for-parents

Teacher Accused Of Using Social Media To Cyberbully A Student – http://cbs12.com/news/top-stories/stories/teacher-accused-using-social-media-cyberbully-student-24036.shtml

Work harder to stop online child abuse, MEPs tell EU states – http://www.theregister.co.uk/2015/03/12/eu_govts_must_stamp_out_online_child_abuse_meps/

Privacy Pitfalls as Education Apps Spread Haphazardly – http://www.nytimes.com/2015/03/12/technology/learning-apps-outstrip-school-oversight-and-student-privacy-is-among-the-risks.html?ref=technology&_r=0

Children’s e-Safety laws target social media and cyber bullying – http://www.cnet.com/au/news/childrens-e-safety-laws-target-social-media-and-cyber-bullying/

Pupils’ details sent out in school error – http://www.expressandstar.com/news/local-news/2015/03/11/pupils-details-sent-out-in-school-error/

Police swoop on north London school after ‘threat to kill pupils’ posted on online forum – http://www.standard.co.uk/news/london/north-london-independent-school-placed-in-lockdown-after-online-threat-to-kill-pupils-posted-on-forum-10104537.html

Barnsley sex abuser jailed after grooming girl from aged 12 – http://www.bbc.co.uk/news/uk-england-south-yorkshire-31878740

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/