Call us on 03450 21 21 51

SRM Solutions
The SRM Blog

Information Security Breach Report – 27 April 2015

Written by SRM

27th April 2015

Share this article

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.


Breaches, Incidents and Alerts:

Tesla’s website has been hacked –

White Lodging Services confirms second payment card breach –

Punkey, a new POS Malware in the criminal ecosystem –

Zero-Day Malvertising Attack Went Undetected For Two Months –

NetNanny Found Using Shared Private Key, Root CA –

Pushdo spamming botnet still active in the wild –

Cash register maker used same password – 166816 – non-stop since 1990 –

Phasebot, the fileless malware sold in the underground –

Samsung Galaxy S5 could be open to fingerprint theft –

Costa Coffee Club members wake up and smell the data breach –

Hacked off: Tesco Clubcard and Costa Coffee cards breached in Cambridge area –

Bypassing OS X Security Tools is Trivial, Researcher Says –

Login Vulnerability Exposes SAP ASE Databases –

Magento Flaw Exploited in the Wild a few hours after disclosure –

New Threats Range From ‘Dribbling Breached Data’ to IoT and Toys –

39,000 patients may have been victim in Seton data breach –

Hack breaches Taipei government computers –

Phishing Leads to Healthcare Breach –

No evidence that any data removed from system: Premera –

Anonymous Claims Hack of Israeli Arms Importer, Fab-Defense; Leaks Massive Client Login Data –

Evil Wi-Fi kills iPhones, iPods in range – ‘No iOS Zone’ SSL bug revealed –

WordPress Releases Version 4.1.2, Calls It A “Critical Security Release” –


Miscellaneous Infosec stories:

Hacking telesurgery robots, a concrete risk –

Spy in the sandbox attack to spy on your online activity –

Insider threats force balance between security and access –

Study: Firms not ready to respond to complex threats –

48,000 Windows XP PCs are still running at TEPCO … which are the risks? –

Insurers mull proposed cyber rules –

Low IT security spend in region leaves businesses open to cyber attacks –

Cyber-Attacks Getting Respect All Over The World –

Russian Hackers Read Obama’s Emails During White House Security Breach –

Congress to banks: Admit you’ve been hacked! –

Should we fear hackers? –

Banks Lose Up to $100K/Hour to Shorter, More Intense DDoS Attacks –

Massive TalkTalk data breach STILL causing customer scam tsunami –

Fraud or Breach? Questions to Ask Before Calling in the Cavalry –

Ransomware crims drop Bitcoin faster than Google axes services –

The international effort to confront international cybercrime –

Encryption adoption slows, but users believe it frees them from breach reporting –

It’s official: David Brents are the weakest link in phishing attacks –

A Few Challenges in Calculating Total Cost of a Data Breach Using Insurance Claims Payment Data –

Your city’s not smart if it’s vulnerable, says hacker –

BYOD and cloud are top data breaches and malware risks, survey shows –


Tools, Tips and How it’s done:

Analyzing the Magento Vulnerability (Updated) –

1,500 iOS apps have HTTPS-crippling bug. Is one of them on your device? –

The hacker Stefan Esser shows the jailbreak for iOS 8.4 beta 1 –

How to hack Avaya phones with a simple text editor –

How to discover NSA Quantum Insert attacks on your systems –

Former hacker talks phone password security –

Your big data toolchain is a big security risk! –

Quantum Insert Attack –

Smarter threats and the rising complexity of cybercrime –

Millions of accounts are being compromised because developers don’t have a specialised user database –

How To Protect Your Business From Social Engineering –

This machine catches stingrays: Pwnie Express demos cellular threat detector –

Inside the rickety, vulnerable systems that run just about every power plant –


Miscellaneous Privacy stories:

Hackers spy on Kansas family through unsecured baby monitor –


Safeguarding Children and School E-Safety stories:

We’re not getting to grips with online hate –

Rise in reports of abusive texts prompts headteacher to send letter to parents –

5 ways to tell an online predator may be grooming your child –


If you would like this report sent to your inbox each morning, email me at

You can see all previous issues of this blog at


My Linkedin Profile is