
SRM Solutions
The SRM Blog

Information Security Breach Report – 19 March 2015

Written by SRM

19th March 2015


A roundup of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

Feds warned Premera about security flaws before breach – http://www.seattletimes.com/seattle-news/feds-warned-premera-about-security-flaws-before-breach/

FBI Uncovers Chinese Military Cyber Attack – http://yournewswire.com/fbi-uncovers-chinese-military-cyber-attack/

Target’s proposed data breach settlement pays victims up to $10k – http://www.engadget.com/2015/03/18/target-hacking-settlement/

Sacred Heart Health System notifies 14,000 patients of data breach after hacking attack – http://www.al.com/business/index.ssf/2015/03/sacred_heart_health_system_not.html

Microsoft takes cafeteria payment kiosks offline as vendor deals with breach – http://www.geekwire.com/2015/microsoft-takes-cafeteria-payment-kiosks-offline-as-vendor-deals-with-breach/

School board breach said to be human error – http://www.thewhig.com/2015/03/18/school-board-breach-said-to-be-human-error

Noobs can pwn world’s most popular BIOSes in two minutes – http://www.theregister.co.uk/2015/03/19/cansecwest_talk_bioses_hack/

Senators rip Anthem for ‘unacceptable’ response to data breach – http://thehill.com/policy/healthcare/236179-senators-blast-anthem-for-unacceptable-response-after-data-breach

EMC data security fails the old fashioned way – http://www.zdnet.com/article/emc-data-security-fails-the-old-fashion-way/

HP Fixes Vulnerabilities in ArcSight Products – http://www.securityweek.com/hp-fixes-vulnerabilities-arcsight-enterprise-security-solutions?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Dark Web’s ‘Evolution Market’ Vanishes – http://krebsonsecurity.com/2015/03/dark-webs-evolution-market-vanishes/

OKC.gov undergoes cyberattack for second straight day – http://www.koco.com/news/city-officials-okcgov-under-cyberattack-for-second-straight-day/31864190

 

Miscellaneous Infosec stories:

FFIEC to Prepare Cyber-Risk Policy – http://www.bankinfosecurity.com/ffiec-to-prepare-cyber-risk-policy-a-8030

HACKERONE USERNAME CHANGE EXPLOIT |SOCIAL ENGINEERING| – http://www.maadssec.com/blog/hackerone-username-change-exploit/

North Korea Internet outage could be a response to Sony Hack – http://securityaffairs.co/wordpress/35062/cyber-warfare-2/north-korea-sony-hack.html

6 notorious hackers and their second careers – http://fortune.com/2015/03/18/famous-hackers-jobs/

Tech firms ‘will win’ encryption battle: Google chief Eric Schmidt – http://cio.economictimes.indiatimes.com/news/digital-security/tech-firms-will-win-encryption-battle-google-chief-eric-schmidt/46616962

China Finally Admits It Has an Army of Hackers for Cyberwar – http://gizmodo.com/china-finally-admits-it-has-an-army-of-hackers-for-cybe-1692188006

Chief Information Officers Council Proposes HTTPS By Default For All Federal Government Websites – https://www.techdirt.com/articles/20150317/14515530349/chief-information-officers-council-proposes-https-default-all-federal-government-websites.shtml

Healthcare Breaches Like Premera First Stage Of Bigger Attacks? – http://www.darkreading.com/healthcare-breaches-like-premera-first-stage-of-bigger-attacks/d/d-id/1319520

5 EXPERT REACTIONS TO GCHQ’S ‘WEAK LINK’ WARNINGS – http://www.cbronline.com/news/security/5-expert-reactions-to-gchqs-weak-link-warnings-4535483

Brazilian office workers delegate information security to employers – http://www.zdnet.com/article/brazilian-office-workers-delegate-information-security-to-employers/

Lax security leaves medical info open to cyber-attacks – http://the-japan-news.com/news/article/0002009525

 

Tools, Tips and How it’s done:

Researchers Earn $317,500 on First Day of Pwn2Own 2015 – http://www.securityweek.com/researchers-earn-317500-first-day-pwn2own-2015

Endpoint Security Makes Quantum Shift: Part IV – Resolution – http://www.countertack.com/blog/endpoint-security-makes-quantum-shift-part-iv-resolution

The 7 Best Social Engineering Attacks Ever – http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411?_mc=RSS_DR_EDT

ANIMATION: How to Create the Perfect Password – http://www.informationsecuritybuzz.com/animation-how-to-create-the-perfect-password/

Making the Case for Security Investment – http://www.esecurityplanet.com/network-security/making-the-case-for-security-investment.html

How to tackle cyber crime before people even know they’re a victim – http://theconversation.com/how-to-tackle-cyber-crime-before-people-even-know-theyre-a-victim-38385

Introduction to GSM Security – http://resources.infosecinstitute.com/introduction-to-gsm-security/

Predicting Future Security Threats is a Risky Business – http://blogs.intralinks.com/collaborista/2015/03/predicting-future-security-threats-is-a-risky-business/

Why Are Health Insurers Hacker Targets? – http://www.bankinfosecurity.com/are-health-insurers-hacker-targets-a-8029

Common Mobile Application Security, Privacy Challenges – http://www.securityweek.com/common-mobile-application-security-privacy-challenges

Cyber snipers: are you the target? – http://www.scmagazineuk.com/cyber-snipers-are-you-the-target/article/404012/

Tips on e-commerce shops security – http://0x55.blogspot.co.uk/2015/03/tips-on-E-commerce-shops-security.html

Social Engineering – Most Challenging Cyber Security Threats – http://www.digitalqatar.qa/en/2015/03/18/social-engineering-most-challenging-cyber-security-threats/

 

Miscellaneous Privacy stories:

‘You are under attack,’ Snowden tells CeBIT-goers – http://www.dw.de/you-are-under-attack-snowden-tells-cebit-goers/a-18324290

How the dark web spurs a spying ‘arms race’ – http://www.bbc.co.uk/news/technology-31948818

NY Court Orders Sheriff To Reveal Details On Stingray Mobile Phone Surveillance – https://www.techdirt.com/articles/20150318/07075430353/ny-court-orders-sheriff-to-reveal-details-stingray-mobile-phone-surveillance.shtml

Campaigners call to curb GCHQ spying powers – http://www.bbc.co.uk/news/technology-31952973

Cisco posts kit to empty houses to dodge NSA chop shops – http://www.theregister.co.uk/2015/03/18/want_to_dodge_nsa_supply_chain_taps_ask_cisco_for_a_dead_drop/?mt=1426694168077

 

Safeguarding Children and School E-Safety stories:

Paedophile who tried to arrange to abuse eight-year-old girl while working at the SOUTH POLE is jailed for three years – http://www.dailymail.co.uk/news/article-3000692/Paedophile-arranged-abuse-young-girl-working-South-Pole.html

Australia gets its first Children’s e-Safety Commissioner – http://www.theaustralian.com.au/business/latest/australia-gets-its-first-childrens-e-safety-commissioner/story-e6frg90f-1227269535719

Police supporting Child Sexual Exploitation awareness day – http://www.loughboroughecho.net/news/local-news/police-supporting-child-sexual-exploitation-8864555

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/ or www.jonfisherthoughts.co.uk

My LinkedIn profile is uk.linkedin.com/in/jonfisher99/