Call us on 03450 21 21 51

SRM Solutions
The SRM Blog

Information Security Breach Report – 20 March 2015

Written by SRM

20th March 2015

Share this article

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

Latest Dridex Campaign Evades Detection with AutoClose Function – https://threatpost.com/latest-dridex-campaign-evades-detection-with-autoclose-function/111743

At least 700,000 routers given to customers by ISPs are vulnerable to hacking – http://www.csoonline.com/article/2899874/network-security/at-least-700000-routers-given-to-customers-by-isps-are-vulnerable-to-hacking.html#tk.rss_all

DLL Hijacking Flaws Found in Rockwell Automation’s FactoryTalk – http://www.securityweek.com/dll-hijacking-flaws-found-rockwell-automation%E2%80%99s-factorytalk?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

Drupal Flaw Allows Attackers to Forge Password Reset URLs – http://www.securityweek.com/drupal-flaw-allows-attackers-forge-password-reset-urls?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

HP Fixes Vulnerabilities in ArcSight Products – http://www.securityweek.com/hp-fixes-vulnerabilities-arcsight-enterprise-security-solutions

Johnson Controls, XZERES, Honeywell Patch Vulnerable Products – http://www.securityweek.com/johnson-controls-xzeres-honeywell-patch-vulnerable-products?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

NYPD cop in court for allegedly hacking into the FBI – http://www.theregister.co.uk/2015/03/20/nypd_cop_hacked_into_fbi_say_prosecutors/

Big Think’s Facebook Fan Page Hacked and Sending out Horrifying Spam – http://bigthink.com/think-tank/big-thinks-facebook-fan-page-hacked

More than 260 charged in online child abuse operation – http://www.bbc.co.uk/news/uk-31988732

Alert: Indian ATMs Face New Attacks – http://www.bankinfosecurity.com/alert-indian-atms-face-new-attacks-a-8035

EMC Patches Flaws in M&R, Secure Remote Services – http://www.securityweek.com/emc-patches-flaws-mr-secure-remote-services

Dozens of international students reporting credit card fraud – http://wlfi.com/2015/03/05/dozens-of-international-students-reporting-credit-card-fraud/

Public school board ‘actively’ investigating new allegations of privacy breach – http://calgaryherald.com/news/local-news/public-school-board-actively-investigating-new-allegations-of-privacy-breach

LAX POLICE REPORT CREDIT CARD DATA BREACH – http://abc7.com/news/lax-police-report-credit-card-data-breach/565562/

Anti-censorship group in China faces DDoS attack – http://www.csoonline.com/article/2899091/malware-cybercrime/anticensorship-group-in-china-faces-ddos-attack.html#tk.rss_all

 

Miscellaneous Infosec stories:

New attacks suggest leeway for patching Flash Player is shrinking – http://www.csoonline.com/article/2900112/malware-cybercrime/new-attacks-suggest-leeway-for-patching-flash-player-is-shrinking.html#tk.rss_all

Recommendations detailed for Mayor and Met on cyber policing – http://www.itsecurityguru.org/2015/03/20/recommendations-detailed-for-mayor-and-met-on-cyber-policing/

France ‘particularly fertile ground’ for cyber attacks, says security firm – http://www.france24.com/en/20150320-cyber-security-insecurity-fireeye-latest-analysis/

US hopes reward offers can help net foreign cyber criminals – http://bigstory.ap.org/article/85641ac2f86b474f96833ce91674ad70/us-turns-rewards-hunt-overseas-cyber-criminals

Data Breach Detection Takes Days or Longer For Many Businesses: Survey – http://www.securityweek.com/data-breach-detection-takes-days-or-longer-many-businesses-survey

 

Tools, Tips and How it’s done:

‘Compliance fatigue’ sets in – http://www.csoonline.com/article/2899612/compliance/compliance-fatigue-sets-in.html#tk.rss_all

Are your business partners secure? – http://www.csoonline.com/article/2899344/supply-chain-security/are-your-business-partners-secure.html#tk.rss_all

The High Cost of a Data Breach Data: Do You Have $5M to Lose? – http://www.cmswire.com/cms/information-management/the-high-cost-of-a-data-breach-data-do-you-have-5m-to-lose-028537.php

The decade of the data breach – how to cope – http://www.information-age.com/technology/security/123459205/decade-data-breach-how-cope

Assessing end-user awareness of social engineering and phishing – http://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=1914F4739F4C6EF0C9ED9594EDABF371?doi=10.1.1.91.5838&rep=rep1&type=pdf

New Threat: ID Theft in the Workplace – http://www.inforisktoday.co.uk/interviews/new-threat-id-theft-in-workplace-i-2607

Defining “Meaningful Human Control” Over Autonomous Weapons – http://justsecurity.org/21244/defining-meaningful-human-control-autonmous-weapon-systems/

How Film Industry May Combat Cyber Crime – http://allafrica.com/stories/201503200238.html

These guys show how easy it is to scam people via social engineering – http://cyberwarzone.com/these-guys-show-how-easy-it-is-to-scam-people-via-social-engineering/

The Screen Savers – Hosted by Kevin Mitnick & Steve Wozniak – http://www.misleddit.com/p/2zkiws/

Pass the hash! – https://www.dshield.org/diary/Pass+the+hash!/19479

 

Miscellaneous Privacy stories:

Equifax mistakenly sends hundreds of credit reports to Biddeford woman – http://wgme.com/news/features/top-stories/stories/13-investigates-hundreds-credit-reports-mistakenly-sent-biddeford-woman-26458.shtml#.VQyVwo6sV8F

Common Mobile Application Security, Privacy Challenges – http://www.securityweek.com/common-mobile-application-security-privacy-challenges?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

 

Safeguarding Children and School E-Safety stories:

Cyber bullying is devastating, says Monica Lewinsky – http://www.independent.co.uk/news/world/americas/cyber-bullying-is-devastating-says-monica-lewinsky-10124053.html

Students learn how to stand up to cyber bullying on National Day of Action against Bullying and Violence – http://www.smh.com.au/technology/technology-news/students-learn-how-to-stand-up-to-cyber-bullying-on-national-day-of-action-against-bullying-and-violence-20150320-1m3sgz.html

Support pledged to campaign against child grooming – http://www.wakefieldexpress.co.uk/news/local-news/support-pledged-to-campaign-against-child-grooming-1-7163945

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/