Information Security Breach Report – 13 April 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

Lufthansa customers were targeted by a cyber attack – http://securityaffairs.co/wordpress/35894/cyber-crime/lufthansa-website-hacked.html

Apple Patches Critical Backdoor Flaw in OS X 10.10.3 – http://www.eweek.com/security/apple-patches-critical-backdoor-flaw-in-os-x-10.10.3.html

AT&T To Pay $25 Million to Resolve FCC Data Breach Claims – http://www.adlawaccess.com/2015/04/articles/att-to-pay-25-million-to-resolve-fcc-data-breach-claims/

ɘƨɿɘvɘЯ algo attack cracks Belkin router WPS PINs: researcher – http://www.theregister.co.uk/2015/04/12/belkin_wps_pins_easily_cracked_researcher/

18 out of 20 top boxlines vulnerable to ‘click-jacking’ cyber attacks – http://splash247.com/18-out-of-20-top-boxlines-vulnerable-to-click-jacking-cyber-attacks/

China Accused Of Decade Of Cyber Attacks On Governments And Corporates In Asia – http://techcrunch.com/2015/04/12/fireeye-apt-30-southeast-asia-india-report/

Hobart Airport website taken offline after cyber-attack – http://www.globaltimes.cn/content/916518.shtml

Hackers attack Belgian press group, second cyber siege since French station Tv5Monde – http://www.firstpost.com/world/hackers-attack-belgian-press-group-second-cyber-seige-since-french-station-tv5monde-2193865.html

IBM uncovers fraud scheme by well funded Eastern European gang of cyber criminals – http://customstoday.com.pk/ibm-uncovers-fraud-scheme-by-well-funded-eastern-european-gang-of-cyber-criminals-2/

AlienSpy RAT exploited to deliver the popular Citadel Trojan – http://securityaffairs.co/wordpress/35802/cyber-crime/alienspy-rat-citadel-trojan.html

Security Advisory: Persistent XSS in WP-Super-Cache – https://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html

Many big companies are still vulnerable to the biggest computer bug ever discovered, report says – http://cio.economictimes.indiatimes.com/news/digital-security/many-big-companies-are-still-vulnerable-to-the-biggest-computer-bug-ever-discovered-report-says/46845677

FireEye claims discovery of 10-year hack campaign by China – http://www.zdnet.com/article/fireeye-claims-discovery-of-10-year-hack-campaign-by-china/

Walters McCann Fanska notifies clients of network security breach – http://www.databreaches.net/walters-mccann-fanska-notifies-clients-of-network-security-breach/

 

Miscellaneous Infosec stories:

In a flash, I became a victim of cyber thieves – http://www.asianewsnet.net/In-a-flash-I-became-a-victim-of-cyber-thieves-74004.html

Emergence of various gadgets gives rise to wider cyber crimes – http://www.thesundaily.my/news/1381512

Insurance payout ‘threat’ a push for better cyber-safety – http://www.timesofisrael.com/insurance-payout-threat-a-push-for-better-cyber-safety/

Your smartphone app may be… malware trap – http://www.bangaloremirror.com/News/India/Your-smartphone-app-may-be-malware-trapp/articleshow/46899269.cms

Thousands could launch Sony-style cyber attack, says ex-hacker – http://www.cnet.com/news/thousands-could-launch-sony-style-cyber-attack-says-ex-hacker/

“Great Canon” The most powerful Cyber-Weapon is getting used by China Government – http://www.hackersnewsbulletin.com/2015/04/great-canon-powerful-cyber-weapon-getting-used-china-government.html

Most Cyber Security Breaches Due to Known Issues, Says tech Firm’s Report – http://www.newindianexpress.com/cities/bengaluru/Most-Cyber-Security-Breaches-Due-to-Known-Issues-Says-tech-Firms-Report/2015/04/13/article2761708.ece

 

Tools, Tips and How it’s done:

How Identity Data Security Helps Financial Services Fight Cyber Crime – http://www.business2community.com/tech-gadgets/identity-data-security-helps-financial-services-fight-cyber-crime-01200490

Cyber Incident/Data Breach Response: Your emergency Checklist – http://www.jdsupra.com/legalnews/cyber-incidentdata-breach-response-you-04551/

Lessons in War Series – The Role of Computer Forensics – http://blog.srm-solutions.com/lessons-in-war-series-the-role-of-computer-forensics/

Backtrack 5 Social Engineering Toolkit Fake Facebook Arp Dns Sing – http://smovies.me/download/backtrack-5-social-engineering-toolkit-fake-facebo

Dealing With a Data Breach: What to Do if Your Server Is Compromised – http://www.socialmediatoday.com/technology-data/2015-04-12/dealing-data-breach-what-do-if-your-server-compromised

The critical 48 hours: how to mitigate the damage from a cyber-attack – http://www.itproportal.com/2015/04/12/critical-48-hours-how-to-mitigate-damage-cyber-attack/

The oldest trick in the ASCII book – http://www.infosecdailynews.com/the-oldest-trick-in-the-ascii-book/

Here’s a tip for some Crime Stoppers in Canada: you’ve been hacked – http://www.databreaches.net/heres-a-tip-for-some-crime-stoppers-in-canada-youve-been-hacked/

 

Miscellaneous Privacy stories:

The government hides surveillance programs just because people would freak out – http://www.theguardian.com/commentisfree/2015/apr/11/the-government-will-hide-its-surveillance-programs-but-they-wont-eliminate-them

As encryption spreads, U.S. grapples with clash between privacy, security – http://www.washingtonpost.com/world/national-security/as-encryption-spreads-us-worries-about-access-to-data-for-investigations/2015/04/10/7c1c7518-d401-11e4-a62f-ee745911a4ff_story.html

Meet the privacy activists who spy on the surveillance industry – http://fusion.net/story/112390/unveiling-secrets-of-the-international-surveillance-trade-one-fake-company-at-a-time/

Facebook claims ‘a bug’ made it track nonusers – http://thehill.com/policy/technology/238399-facebook-claims-a-bug-made-it-track-people-not-on-facebook

“I feel violated:” Fraudulent Green Dot accounts set up using stolen identities – http://fox6now.com/2015/04/12/i-feel-violated-fraudulent-green-dot-accounts-set-up-using-stolen-identities/

Process servers can find you on Facebook – http://edition.cnn.com/2015/04/12/opinions/cevallos-facebook-process-serving/

Snowden keeps saying that US is still catching our emails – http://securityaffairs.co/wordpress/35799/digital-id/snowden-interview.html

 

Safeguarding Children and School E-Safety stories:

Five steps for an effective school e-safety policy – http://blog.srm-solutions.com/five-steps-for-an-effective-school-e-safety-policy/

Limerick kids to take the fight to online bullies at major summit – http://www.limerickleader.ie/news/business/business-news/limerick-kids-to-take-the-fight-to-online-bullies-at-major-summit-1-6683746

Why community intelligence modelling is vital when dealing with the ‘digital native’ – http://blog.srm-solutions.com/why-community-intelligence-modelling-is-vital-when-dealing-with-the-digital-native/

Full Frame Panel: Cyberbullying 101 – http://www.cctv-america.com/2015/04/11/full-frame-panel-cyberbullying-101

Higgins proposes cyber bullying legislation after falling victim – http://connachttribune.ie/higgins-proposes-cyber-bullying-legislation-after-falling-victim-063/

Florida Teen Charged With Felony For Changing Teacher’s Desktop Wallpaper – http://www.inquisitr.com/2003490/florida-teen-charged-with-felony-for-changing-teachers-desktop-wallpaper/

Why Online Abuse Is Not Our Destiny – https://www.techdirt.com/articles/20150407/16041830577/why-online-abuse-is-not-our-destiny.shtml

Every Teacher’s Must Have Guide to Facebook – http://www.edudemic.com/every-teachers-must-have-guide-to-facebook/

TeaMp0isoN reveals schools’ vulnerabilities – http://www.databreaches.net/teamp0ison-reveals-schools-vulnerabilities/

Police Chief Unable To Simply Do Nothing Over Reported Teen Sexting, Brings Child Porn Charges Against Four Minors – https://www.techdirt.com/articles/20150331/14510830506/police-chief-unable-to-simply-do-nothing-over-reported-teen-sexting-brings-child-porn-charges-against-four-minors.shtml

“Lessons will Be learned”: Safeguarding in schools – http://www.computerweekly.com/blogs/itworks/2015/04/lessons-will-be-learned-safegu.html

Education Sector Struggles With Botnets: BitSight – http://www.securityweek.com/education-sector-struggles-botnets-bitsight

 

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/

Posted 4 years ago on · Permalink