Information Security Breach Report – 18 December 2014

A daily round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

Breaches, Incidents and Alerts:

Phishing email contains Word doc, enabling macros leads to malware infection –

Mobile RAT Xsser continues to threaten Android, iOS device security –

Banks Sue Kmart Over Credit Card Data Breach –

Vulnerable TLS Implementation Exposes Cisco Products to POODLE Attacks –

ICANN targeted by Spear Phishing attack, several systems impacted –

New ransomware avoids hitting the same victim twice –

Certified pre-pw0ned Android Smartphones: Coolpad Firmware Backdoor –

Android OS And iOS Targeted by Man-in-the-Middle Attacks –

Docker Fixes Vulnerabilities, Shares Plans For Making Platform Safer –

Union First Market Bank deactivates thousands of ATM cards after skimming incidents –

Did Regulator Cause a Data Breach? –


Miscellaneous Infosec stories:

Cyber Attackers Increasingly Sneaking Corporate Data Out Through DNS –

Business interrupted: Telstra reveals Australia’s security breach impact –

TorrentLocker Ransomware Makes Criminals Up to $500K –

Banks use lots of cloud services but are unaware –

Top malware families turn point-of-sale into point-of-theft –

Protecting the underground electronic communications infrastructure –

Can’t stop Home Depot-style card pwning, but suppliers will feel PCI regulation pain –

Cryptologists meet in Delhi to make and break new codes –

Google considers warning internet users about data risks –

Is Mobile the weakest link in Enterprise Security? –


Tools, Tips and How it’s done:

Using WPA2 to avoid data breach headlines –

Social sniffer predicts which Nigerian prince has the best chance of scamming you –

Tallinn Paper: The Nature of International Law Cyber Norms –

Zen and the Art of Cloud Database Security (Part 2) –

The four Mac security options everyone should know –

Fast Flux Networks Working and Detection, Part 1 –

Speculations Concerning the First Ultraintelligent Machine (1965) [pdf] –

Fake2db: generates databases filled with fake but valid information –


Miscellaneous Privacy stories

Kudos to Microsoft: Fighting US attempt to access emails at Dublin data centre –

Facebook privacy policy under Dutch lens –


If you would like this report sent to your inbox each morning, email me at


You can see all previous issues of this blog at

My Linkedin Profile is

Posted 4 years ago on · Permalink