Monthly Archive February 2015

Sunday 22nd February 2015

Retailer breach stories:

Level 2 Retailer data breach – Barclaycard – www.barclaycard.co.uk/business/files/Level2_retailer_data_breach.pdf

Shoe retailer Office warned on data breach – http://www.bbc.co.uk/news/technology-30896805 and http://www.computerweekly.com/news/2240238420/Information-Commissioners-Office-issues-warning-to-Office-shoe-retailer-over-data-breach

Target data breach: Why UK business needs to pay attention – http://www.computerweekly.com/feature/Target-data-breach-Why-UK-business-needs-to-pay-attention

Online retailer Play.com admits data breach – http://www.information-age.com/technology/security/1611878/online-retailer-playcom-admits-data-breach

Retailer Michaels Stores confirms payment card data breach – http://uk.reuters.com/article/2014/04/17/us-michaelsstores-cybercrime-idUSBREA3G27N20140417

Retail Security Breaches 2014: Home Depot, Target Should Have Stronger Countermeasures, Experts Say – http://www.ibtimes.com/retail-security-breaches-2014-home-depot-target-should-have-stronger-countermeasures-1683362

Which Big Retailer Hasn’t Reported a Major Breach — Yet? – http://www.bloomberg.com/news/articles/2014-10-21/which-big-retailer-hasn-t-reported-a-major-breach-yet-

The Year Of The Retailer Data Breach – http://www.darkreading.com/attacks-breaches/the-year-of-the-retailer-data-breach/d/d-id/1317462

Home Depot says 56 MILLION payment cards have been affected by biggest retail security breach in history – http://www.dailymail.co.uk/news/article-2761490/Home-Depot-says-malware-affected-56M-payment-cards.html

Retailer Bebe Confirms Payment Card Data Breach – http://techcrunch.com/2014/12/05/retailer-bebe-confirms-payment-card-data-breach/

Staples Becomes The Latest Retailer Affected By A Payment Card Data Breach – http://techcrunch.com/2014/10/21/staples-becomes-the-latest-retailer-affected-by-a-payment-card-data-breach/

Kmart becomes latest retailer to suffer security breach – http://fortune.com/2014/10/10/kmart-becomes-latest-retailer-to-suffer-security-breach/

Banks take on retailers over who foots cyber attacks bill – http://www.ft.com/cms/s/0/23f1339c-6778-11e4-8970-00144feabdc0.html#axzz3SSs0seud

Data Breach Survey: Consumers hold retailers responsible, second only to criminals – http://www.brunswickgroup.com/about-us/news/data-breach-survey/

Moonpig investigating potential security breach – http://www.essentialretail.com/news/ecommerce/article/54ac11bb8b255-moonpig-investigating-potential-security-breach

Chick-fil-A May Be the Latest Retail Data Breach Victim – http://www.eweek.com/security/chick-fil-a-may-be-the-latest-retail-data-breach-victim.html

4 Reasons Why You Should Shop at Stores That Got Hacked – http://time.com/money/3524447/data-breach-target-home-depot-holiday-shopping/

3 High Profile Retail Data Breaches Changing Consumer Behaviour– Unless Executives Act – https://zonefox.com/news/high-profile-retail-data-breaches-changing-consumer-behaviour-unless-executives-act/

Dairy Queen says data breached at stores – http://www.cnbc.com/id/102077305#.

Grocery stores in multiple states hit by data breach – http://www.computerworld.com/article/2491234/cybercrime-hacking/grocery-stores-in-multiple-states-hit-by-data-breach.html

2013 Data Breaches: All You Need to Know – http://resources.infosecinstitute.com/2013-data-breaches-need-know/

Retailers’ data breaches could get ‘ugly’ – http://www.detroitnews.com/story/business/personal-finance/2014/12/07/retailers-data-breach/20067897/

The Real Cost of a Retail Data Breach – http://data-protection.safenet-inc.com/2014/07/the-real-cost-of-a-retail-data-breach/#sthash.S4yW6HvS.dpbs

Continuous Breach: A New State of Mind, Especially for Retailers – https://www.damballa.com/continuous-breach/

Can Companies Restore Consumer Confidence After a Data Breach? – http://www.triplepundit.com/2014/07/can-companies-restore-consumer-confidence-data-breach/

Another Potential Retail Mega Breach At Sandwich Chain Jimmy Johns – http://www.tripwire.com/state-of-security/latest-security-news/another-potential-retail-mega-breach-at-sandwich-chain-jimmy-johns/

Court Rules in Favor of Breached Retailer – http://www.databreaches.net/court-rules-in-favor-of-breached-retailer/

Supervalu hit by hackers, data breach affects 180 stores – http://www.techtimes.com/articles/13145/20140815/supervalu-hit-by-hackers-data-breach-affects-180-stores.htm

2014 – An Explosion of Data Breaches and PoS RAM Scrapers – http://blog.trendmicro.com/trendlabs-security-intelligence/2014-an-explosion-of-data-breaches-and-pos-ram-scrapers/

How companies can rebuild trust after a security breach – http://www.techpageone.co.uk/en/technology/security-it/companies-can-rebuild-trust-security-breach/#.VOmrFvmsV8E

Why retailers bear the brunt of security breaches – http://www.networkworld.com/article/2458993/security0/why-retailers-bear-the-brunt-of-security-breaches.html

Poll: Nearly half of cardholders likely to avoid stores hit by data breaches – http://www.creditcards.com/credit-card-news/shopping-after-breach.php

Retail Breaches Bolster Interest In NIST Cyber Security Advice – http://www.informationweek.com/government/cybersecurity/retail-breaches-bolster-interest-in-nist-cyber-security-advice/d/d-id/1252740

Retail’s Reality: Shopping Behavior After Security Breaches – http://www.interactionsmarketing.com/retailperceptions/2014/06/retails-reality-shopping-behavior-after-security-breaches/

Backoff and BlackPOS Malware Breach Retailers Point of Sale Systems – http://www.yassl.com/yaSSL/Blog/Entries/2014/9/11_Backoff_and_BlackPOS_Malware_Breach_Retailers_Point_of_Sale_Systems.html

Retailers Are Finding That Data Vulnerability Can Undo Years of Brand Equity – http://www.adweek.com/news/advertising-branding/retailers-are-finding-data-vulnerability-can-undo-years-brand-equity-156459

10 lessons learned from major retailers’ cyber breaches – http://www.propertycasualty360.com/2014/09/23/10-lessons-learned-from-major-retailers-cyber-brea

POSSIBLE DATA BREACH AT ACME STORES IN PA, NJ, DEL. – http://6abc.com/shopping/possible-data-breach-at-acme-stores-in-pa-nj-del/329670/

Credit Card Breaches Happen: What You Can Do to Protect Yourself – http://www.zonealarm.com/blog/2014/11/credit-card-breaches-happen-what-you-can-do-to-protect-yourself/

WHY IS THE COST OF A DATA BREACH SO HIGH? – http://www.delegosoftware.com/why-is-the-cost-of-a-data-breach-so-high/

What Retailers Need to Do to Prevent the Next Breach – http://www.csc.com/cybersecurity/insights/107105-what_retailers_need_to_do_to_prevent_the_next_breach

Sheplers Western Wear Alerts Customers Concerning Data Breach Affecting Retail Stores – http://www.databreaches.net/sheplers-western-wear-alerts-customers-concerning-data-breach-affecting-retail-stores/

The data breach payment fight heats up – http://thehill.com/policy/cybersecurity/228161-the-fight-over-paying-for-data-breaches-heats-up

Strengthening security after a breach of a retailer’s customer data – http://www.pwc.com/us/en/advisory-services/case-studies/technology/assets/strengthening-security.pdf

Data breach alert: Small retailers are especially vulnerable –

Lax security and complacency are common – http://www.consumerreports.org/cro/news/2014/05/data-breach-alert-small-retailers-are-especially-vulnerable/index.htm

Chronology of Data Breaches | Privacy Rights Clearinghouse – https://www.privacyrights.org/data-breach-asc

Why is PCI DSS Compliance Important? – http://www.theukcardsassociation.org.uk/security/PCIDSS_compliance.asp

PCI DSS: is the cure worse than the disease? – http://www.techworld.com/news/security/pci-dss-is-cure-worse-than-disease-3426435/

If I’m not compliant, what may happen to me and my business? – http://www.theukcardsassociation.org.uk/security/Non_compliance_PCIDSS.asp

The real cost of a data breach – http://www.retaildive.com/news/the-real-cost-of-a-data-breach/363587/

Regaining Consumer Trust Post-Breach Starts at the Point of Sale – http://www.paymentssource.com/news/interchange/regaining-consumer-trust-post-breach-starts-at-the-point-of-sale-3020599-1.html

SRM

Thursday 19th February 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

Breaches, Incidents and Alerts:

Meet Babar, a New Malware Almost Certainly Created by France – http://motherboard.vice.com/read/meet-babar-a-new-malware-almost-certainly-created-by-france

Tens of thousands of home routers at risk with duplicate SSH keys – http://www.csoonline.com/article/2886236/network-security/tens-of-thousands-of-home-routers-at-risk-with-duplicate-ssh-keys.html#tk.rss_all

Cyber Espionage group attacking thousands of victims globally – http://www.itnewsafrica.com/2015/02/cyber-espionage-group-attacking-thousands-of-victims-globally/

Lenovo sold laptop with pre-installed Superfish malware – http://securityaffairs.co/wordpress/33800/malware/lenovo-laptop-pre-installed-superfish.html

Got a Netgear wireless router? You’ve got a security problem – http://www.hotforsecurity.com/blog/got-a-netgear-wireless-router-youve-got-a-security-problem-11429.html

Morgan Stanley breach probe shifts to hacker from fired employee: WSJ – http://www.reuters.com/article/2015/02/19/us-morgan-stanley-cybercrime-idUSKBN0LN07920150219?feedType=RSS&feedName=businessNews

Bitcoin exchange shuts down after suspected password breach – http://grahamcluley.com/2015/02/bitcoin-exchange-shuts-down/

Update On Morgan Stanley Breach Probe – http://www.bidnessetc.com/35121-update-on-morgan-stanley-ms-breach-probe/

Babar the Elephant: Another malware plague with a cute name – http://www.theregister.co.uk/2015/02/19/babar_french_cyberespionage/

25 billion Cyberattacks hit systems in Japan during 2014 – http://securityaffairs.co/wordpress/33776/hacking/25-billion-cyberattacks-hit-japan.html

Cisco – New Malware-Laced Spam Campaign Hits Corporate Users – http://www.spamfighter.com/News-19462-Cisco-New-Malware-Laced-Spam-Campaign-Hits-Corporate-Users.htm

UMaine Data Breach Exposes Information on Hundreds of Students – http://news.mpbn.net/post/umaine-data-breach-exposes-information-hundreds-students

RedTube porn website spreads malware, via iFrame invisible to the naked eye – http://grahamcluley.com/2015/02/redtube-malware/

Scammers using obituary notices to acquire new victims – http://www.csoonline.com/article/2885141/malware-cybercrime/scammers-using-obituary-notices-to-acquire-new-victims.html#tk.rss_all

Malicious Emails Can Cause Android Email App to Crash: Researcher – http://www.securityweek.com/malicious-emails-can-cause-gmail-app-crash-researcher

Vawtrak Banking Trojan Uses Windows PowerShell, Macros in Infection Routines – http://www.securityweek.com/vawtrak-banking-trojan-uses-windows-powershell-macros-infection-routines

Miscellaneous Infosec stories:

Swedish man pleads guilty to peddling Blackshades malware – http://www.csoonline.com/article/2886356/cyber-attacks-espionage/swedish-man-pleads-guilty-to-peddling-blackshades-malware.html#tk.rss_all

Banking Malware Redefined – http://www.securityweek.com/banking-malware-redefined?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

iBank: RBS, NatWest first UK banks to allow Apple Touch ID logins – http://www.theregister.co.uk/2015/02/19/natwest_mobile_banking_touch_id/

Vawtrack malware peddlers turn to malicious macros – http://www.net-security.org/malware_news.php?id=2967&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

Software Advice: More than half of SMBs don’t have data breach plan – http://www.tweaktown.com/news/43626/software-advice-more-half-smbs-data-breach-plan/index.html

End Users Causing Bulk Of Infosec Headaches – http://www.darkreading.com/end-users-causing-bulk-of-infosec-headaches/d/d-id/1319143

The Average Face of a Hacker is Revealed by the Team at Secure Thoughts – http://www.virtual-strategy.com/2015/02/18/average-face-hacker-revealed-team-secure-thoughts#axzz3SCy59PFn

Hurd: Cyber security most pressing issues in U.S. – http://www.ksat.com/content/pns/ksat/news/2015/02/18/hurd–cyber-security-most-pressing-issues-in-u-s-.html

Lawsuit: Anthem Was Warned Of Cyber Threat To Health Care Providers – http://losangeles.cbslocal.com/2015/02/18/lawsuit-anthem-was-warned-of-cyber-threat-to-health-care-providers/

Kaspersky says his warnings about cyber threats have come true – http://latino.foxnews.com/latino/lifestyle/2015/02/18/kaspersky-says-his-warnings-about-cyber-threats-have-come-true/

An Internet of Things that do what they’re told – http://radar.oreilly.com/2015/02/an-internet-of-things-that-do-what-theyre-told.html

Social engineering the new norm for hackers, nation-states – http://www.scmagazineuk.com/social-engineering-the-new-norm-for-hackers-nation-states/article/399016/

Cars Are Delivering Tons Of Driving Data To Manufacturers With Minimal Security And Even Less Transparency – https://www.techdirt.com/articles/20150211/10134429988/cars-are-delivering-tons-driving-data-to-manufacturers-with-minimal-security-even-less-transparency.shtml

Carbanak Cybersecurity Threat Is Overhyped, Banking Groups Say – http://www.americanbanker.com/news/bank-technology/carbanak-cybersecurity-threat-is-overhyped-banking-groups-say-1072809-1.html

Security In The Year 2020 – http://www.tripwire.com/state-of-security/security-awareness/security-in-the-year-2020/

Hey, does anyone know if Dilbert has upset Kim Jong Un recently? – http://grahamcluley.com/2015/02/hey-does-anyone-know-if-dilbert-has-upset-kim-jong-un-recently/

Visual hacking exposed – http://www.net-security.org/secworld.php?id=17971&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

Boards Not Regularly Briefed on Cyber-Security: Survey – http://www.securityweek.com/many-boards-directors-not-regularly-briefed-cyber-security-survey

Upgraded version of encryptors spreading with help of social engineering – http://techchannelmea.com/security/upgraded-version-encryptors-spreading-help-social-engineering

Secure Domains: The DNS Security Debate – http://www.inforisktoday.co.uk/secure-domains-dns-security-debate-a-7927

Kaspersky says his warnings about cyber threats have come true – http://latino.foxnews.com/latino/lifestyle/2015/02/18/kaspersky-says-his-warnings-about-cyber-threats-have-come-true/

Banking Malware Redefined – http://www.securityweek.com/banking-malware-redefined

Tools, Tips and How it’s done:

3 P’s to practice safe cyber security habits – http://www.ksat.com/content/pns/ksat/news/2015/02/18/3-p-sto-practice-safe-cyber-security-habits.html

Intel Security: social engineering hacking the human OS – http://www.itwire.com/business-it-news/security/67042-intel-security-social-engineering-hacking-the-human-os

Protect Yourself From Cyber Attacks – http://www.benzinga.com/general/topics/15/02/5243949/protect-yourself-from-cyber-attacks

Time for an Updated Cyber Risk Approach; BPI Data Breach – http://www.dataprivacymonitor.com/privacy/time-for-an-updated-cyber-risk-approach-bpi-data-breach/

Five Cyber Attacks that Made CISOs Rethink Security – http://www.itbusinessedge.com/slideshows/five-cyber-attacks-that-made-cisos-rethink-security.html

5 Ways Companies Can Avoid a Data Breach in 2015 – http://datashieldcorp.com/2015/02/18/5-ways-companies-can-avoid-data-breach-2015/

Three Keys to a Successful Cybersecurity Defense Program – http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/three-keys-to-a-successful-cybersecurity-defense-program/

The Web Application Stack – A Growing Threat Vector – http://www.infosecdailynews.com/the-web-application-stack-a-growing-threat-vector/

Protecting Your Personal Information and Identity After a Breach – http://www.solutionary.com/resource-center/blog/2015/02/protecting-personal-information/

THE GREAT SIM HEIST – HOW SPIES STOLE THE KEYS TO THE ENCRYPTION CASTLE – https://firstlook.org/theintercept/2015/02/19/great-sim-heist/

Android malware hijacks power button, empties wallet while you sleep – http://www.theregister.co.uk/2015/02/19/android_malware_hijacks_power_button_to_steal_while_you_sleep/

Expert Advice: How to Up Your Cyber Security – http://www.entrepreneur.com/article/241520

Anti-Virus: Applied Incorrectly? – http://www.inforisktoday.com/blogs/anti-virus-applied-incorrectly-p-1812

Preparing for a Data Security Breach – http://complianceriskforum.com/preparing-for-a-data-security-breach/

Miscellaneous Privacy stories

It’s not just Samsung TVs — lots of other gadgets are spying on you – http://fusion.net/story/49352/all-the-smart-gadgets-are-spying-on-you/

Yet Another Report Showing ‘Anonymous’ Data Not At All Anonymous – https://www.techdirt.com/articles/20150209/06111829955/yet-another-report-showing-anonymous-data-not-all-anonymous.shtml

UK Police Forces Have Secret Facial Recognition Database Of 18 Million People, Many Innocent – https://www.techdirt.com/articles/20150203/09153529893/uk-police-forces-have-secret-facial-recognition-database-18-million-people-many-innocent.shtml

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/

SRM

Wednesday 18th February 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

Breaches, Incidents and Alerts:

16 million mobile devices hit by malware in 2014: Alcatel-Lucent – http://www.zdnet.com/article/16-million-mobile-devices-hit-by-malware-in-2014-alcatel-lucent/

Lincolnshire scammers using police logo in mobile con – http://www.eastlindseytarget.co.uk/Scammers-using-police-logo-mobile/story-26014332-detail/story.html

While Obama talks cyber security, his hotel’s computer system fails – http://uk.reuters.com/article/2015/02/15/uk-usa-cybersecurity-obama-hotel-idUKKBN0LJ00120150215

Over 100 banks in 30 countries hit by sophisticated cyber-attack – http://www.jamaicaobserver.com/news/Over-100-banks-in-30-countries-hit-by-sophisticated-cyber-attack

Crooks steal money from Standard Chartered Accounts by hacking ATMs – http://securityaffairs.co/wordpress/33511/cyber-crime/standard-chartered-accounts-hacked.html

Security breach affects SSC employees – http://www.news-star.com/article/20150213/NEWS/150219854

Personal weather stations can expose your Wi-Fi network – http://www.csoonline.com/article/2883910/privacy/personal-weather-stations-can-expose-your-wifi-network.html#tk.rss_all

Lack of CSPRNG Threatens WordPress Sites – http://threatpost.com/lack-of-csprng-threatens-wordpress-sites/111016

Discovered 40000 vulnerable MongoDB databases on the Internet – http://securityaffairs.co/wordpress/33487/hacking/40000-vulnerable-mongodbonline.html

Google Play, Browser Flaws Expose Android Devices to Remote Code Execution – http://www.securityweek.com/google-play-browser-flaws-expose-android-devices-remote-code-execution

Newsweek Twitter hack is a sign of the times – http://www.csoonline.com/article/2882977/social-networking-security/newsweek-twitter-hack-is-a-sign-of-the-times.html#tk.rss_all

15-year-old bug allows malicious code execution in all versions of Windows – http://arstechnica.com/security/2015/02/15-year-old-bug-allows-malicious-code-execution-in-all-versions-of-windows/

Miscellaneous Infosec stories:

Cybersecurity goes way beyond passwords – http://www.sfchronicle.com/opinion/article/Cybersecurity-goes-way-beyond-passwords-6081491.php

Security Concerns After Zero-Day Attacks in Adobe Flash – http://tech.co/security-concerns-zero-day-attacks-in-adobe-flash-2015-02

Beware of Phishing mails; you could be the next hack victim – http://www.indiatvnews.com/business/world/beware-of-phishing-mails-you-could-be-the-next-hack-victim-1207.html

Cyber security will shape the Internet of Things – http://www.itproportal.com/2015/02/14/cyber-security-will-shape-internet-things/

Employees vulnerable to cyber crime – http://www.scotsman.com/business/management/employees-vulnerable-to-cyber-crime-1-3690568

FIA claims arrest of two of FBI’s 10 most-wanted cyber criminals – http://tribune.com.pk/story/838615/fia-claims-arrest-of-two-of-fbis-10-most-wanted-cyber-criminals/

SRM launch the North East Cyber Security Business Cluster – http://www.srm-solutions.com/news/srm-launch-the-north-east-cyber-security-business-cluster/

When is a password leak not a password leak? –

https://blog.agilebits.com/2015/02/13/when-is-a-password-leak-not-a-password-leak/

Google cuts Microsoft and pals some slack in zero-day vuln crusade – an extra 14 days tops – http://www.theregister.co.uk/2015/02/14/google_vulnerability_disclosure_tweaks/

Banks, Gov’t Struggle to Contain Growing Cyber Threat – http://www.americanbanker.com/news/law-regulation/banks-govt-struggle-to-contain-growing-cyber-threat-1072744-1.html

Phishing for clickers – http://www.csoonline.com/article/2883744/security-leadership/phishing-for-clickers.html#tk.rss_all

Twitter sends employees fake spam to see if they’ll fall for it – http://globalnews.ca/news/1828773/twitter-sends-employees-fake-spam-to-see-if-theyll-fall-for-it/

‘Zero days’ last up to six months for some malware – http://www.csoonline.com/article/2883248/data-protection/zero-days-last-up-to-six-months-for-some-malware.html#tk.rss_all

HP Promises Half a Million Dollars in Prizes for Pwn2Own 2015 – http://www.securityweek.com/hp-promises-half-million-dollars-prizes-pwn2own-2015

Google’s Vint Cerf warns of ‘digital Dark Age’ – http://www.bbc.co.uk/news/science-environment-31450389

Breach Level Index Finds Data Breaches Increased 49 Percent – http://hospitalitytechnology.edgl.com/news/Breach-Level-Index-Finds-Data-Breaches-Increased-49-Percent98209

Ukrainian government to counter cyber-attacks – http://www.scmagazineuk.com/ukrainian-government-to-counter-cyber-attacks/article/397970/

Millions Of Users Unaware That Facebook Is On The Internet — Or Think It *Is* The Internet – https://www.techdirt.com/articles/20150211/01355929982/millions-users-unaware-that-facebook-is-internet-think-it-is-internet.shtml

HOST HIT IN CYBER ATTACK RIPS GOVERNMENT INACTION – http://www.nltimes.nl/2015/02/11/host-hit-cyber-attack-rips-government-inaction/

Report: Chinese groups behind most state-sponsored attacks in 2014 – http://www.csoonline.com/article/2882753/cyber-attacks-espionage/report-chinese-groups-behind-most-state-sponsored-attacks-in-2014.html#tk.rss_all

Tools, Tips and How it’s done:

HTML5 Security Cheat Sheet – https://www.owasp.org/index.php/HTML5_Security_Cheat_Sheet

Now, I can see wifi signals. – https://imgur.com/gallery/jdNA6

Cyber Attacks Through Power and Cooling Systems – http://www.alphaguardian.net/cyber-attacks-power-cooling-systems/

How secret Swiss banking works – http://www.businessinsider.co.id/hsbc-and-ubs-swiss-bank-account-and-tax-evasion-scandals-explainer-2015-2/#.VORiDPmsV8F

Hacker Hour: The Hackers Guide To Social Engineering – https://www.protectmybank.com/hacker-hour-hackers-guide-social-engineering/

UK Computer Emergency Response Team (CERT) Introduction to Social Engineering – https://publicintelligence.net/uk-cert-social-engineering/

Phishing attacks increasingly target financial data – http://www.net-security.org/secworld.php?id=17949

The limits of prevention-centric security programs – http://www.net-security.org/secworld.php?id=17950

Preparing for a Data Breach – What to Know About Breach Notification – http://www.lexisnexis.com/legalnewsroom/corporate/b/business/archive/2015/02/13/preparing-for-a-data-breach-what-to-know-about-breach-notification.aspx

Phishing: Learning from Recent Breaches – http://www.databreachtoday.com/interviews/phishing-learning-from-recent-breaches-i-2577

How to Defend Your Business Against Social Engineering Scams – http://blog.lifars.com/2015/02/13/how-to-defend-your-business-against-social-engineering-scam/

‘CIO of Year’ on Defending Against Hackers – http://www.databreachtoday.com/interviews/cio-year-on-defending-against-hackers-i-2578

PoS Malware Kits Rose in Underground in 2014: Report – http://www.securityweek.com/pos-malware-kits-rose-underground-2014-report?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

How To Protect Yourself From Dating App Cyber Threats – http://www.techweekeurope.co.uk/mobility/mobile-apps/protect-dating-app-cyber-threats-161856

Complexity is the Enemy of Security – http://www.securityweek.com/complexity-enemy-security?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Securityweek+%28SecurityWeek+RSS+Feed%29

CTO Corner: Creation of CTIIC Demonstrates Heightened Importance of Cyber Security – https://blog.bit9.com/2015/02/11/cto-corner-creation-of-ctiic-demonstrates-heightened-importance-of-cyber-security/

Five sneaky ways companies are changing employees’ security behavior – http://www.csoonline.com/article/2881940/security-awareness/five-sneaky-ways-companies-are-changing-employees-security-behavior.html#tk.rss_all

Connected Home Security Systems Easy to Hack: HP – http://www.securityweek.com/connected-home-security-systems-easy-hack-hp

How to remotely install malicious apps on Android devices – http://securityaffairs.co/wordpress/33456/hacking/remotely-hack-android.html

Miscellaneous Privacy stories

Legal compliance challenges of Big Data: Seeing the forest for the trees – http://www.csoonline.com/article/2883796/big-data-security/legal-compliance-challenges-of-big-data-seeing-the-forest-for-the-trees.html

Tim Cook: Cyber privacy is a ‘life and death’ issue – http://www.telegraph.co.uk/finance/11412625/Tim-Cook-Cyber-privacy-is-a-life-and-death-issue.html

US lawmakers introduce two bills to protect email privacy – http://www.csoonline.com/article/2884134/privacy/us-lawmakers-introduce-two-bills-to-protect-email-privacy.html#tk.rss_all

Jeb Bush’s email dump puts constituents’ personal data online – http://www.csoonline.com/article/2882818/access-control/jeb-bushs-email-dump-puts-constituents-personal-data-online.html#tk.rss_all

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is

SRM