Information Security Breach Report – 20 January 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

Hacker Says Attacks On ‘Insecure’ Progressive Insurance Dongle In 2 Million US Cars Could Spawn Road Carnage – http://www.forbes.com/sites/thomasbrewster/2015/01/15/researcher-says-progressive-insurance-dongle-totally-insecure/

Marylanders’ data exposed in scores of hacks – http://www.baltimoresun.com/news/maryland/bs-md-cyber-attacks-20150117-story.html#page=1

Firefox 35 stamps out critical bugs – http://www.theregister.co.uk/2015/01/19/firefox_35_stamps_out_critical_bugs/

Sony hackers hacked. Lizard Stresser database leaked online with credentials in plaintext – http://securityaffairs.co/wordpress/32417/cyber-crime/lizard-stresser-database-leaked.html

1800+ Minecraft usernames and passwords leak online – http://www.hotforsecurity.com/blog/1800-minecraft-usernames-and-passwords-leak-online-11209.html

Arbiter Systems Substation Clock Vulnerable to GPS Spoofing Attacks – http://www.securityweek.com/arbiter-systems-substation-clock-vulnerable-gps-spoofing-attacks

Researchers Use Siri to Steal Data From iPhones – http://www.securityweek.com/researchers-use-siri-steal-data-iphones

Google’s Project Zero reveals another Windows zero-day vulnerability – http://searchsecurity.techtarget.com/news/2240238448/Googles-Project-Zero-reveals-another-Windows-zero-day-vulnerability

GoDaddy CSRF Vulnerability Allows Domain Takeover – http://breakingbits.net/2015/01/18/taking-over-godaddy-accounts-using-csrf/

Australia fighter jet data theft ‘shows cyber-spy risk’ – http://www.bbc.co.uk/news/world-australia-30875442

Shoe retailer Office lost details of over one million customers in hack, but escapes fine – http://grahamcluley.com/2015/01/shoe-retailer-office-lost-details-one-million-customers-hack-escapes-fine/

Two flaws affect some version of the popular VLC media player – http://securityaffairs.co/wordpress/32464/hacking/2-flaws-vlc-media-player.html

 

Miscellaneous Infosec stories:

What developments will impact business data security in 2015? – http://www.techradar.com/news/world-of-tech/management/what-developments-will-impact-business-data-security-in-2015–1281054?src=rss&attr=all

Here’s What The US Has To Do To Prevent Massive Cyberattacks – http://www.businessinsider.com/what-we-have-to-do-to-stop-cyberattacks-2015-1?IR=T

For Every Action There Is a Cyber-Reaction – http://www.cytegic.com/Blog/?p=81

Electronic device surge could present new security threat – http://www.acumin.co.uk/main/news/view/electronic-device-surge-could-present-new-security-threat/4088

AT LAST: Australia gets its very own malware – http://www.theregister.co.uk/2015/01/19/new_carberp_trojan_hits_oz/

With cyber crime soaring, security gets serious – http://www.ocregister.com/articles/security-648389-cyber-mcclure.html

Anonymous supports FBI investigation of US CENTCOM hack – http://securityaffairs.co/wordpress/32403/cyber-crime/anonymous-fbi-us-centcom-hack.html

No One Really Knows How Secure Government Social Media Is – http://www.buzzfeed.com/evanmcsan/no-one-really-knows-how-secure-government-social-media-is#.jpmQ1mb95

Will 2015 be the year we say goodbye to passwords? – http://www.csoonline.com/article/2871491/identity-management/will-2015-be-the-year-we-say-goodbye-to-passwords.html#tk.rss_all

Cyber-security: organisations vulnerable to new swathe of attacks – http://eandt.theiet.org/magazine/2015/01/special-report-cyber-security.cfm

Why Encryption Matters: Political Insecurity vs InfoSec – https://whitehatcheryl.wordpress.com/2015/01/19/why-encryption-matters-political-insecurity-vs-infosec/

The daunting challenge of reporting on cyberwar – http://www.bbc.co.uk/news/technology-30813585

Are terrorists trying to spam you? – http://www.csoonline.com/article/2872313/cyber-attacks-espionage/are-terrorists-trying-to-spam-you.html#tk.rss_all

Android vulnerability highlights Google’s controversial patch policy – http://searchsecurity.techtarget.com/news/2240238450/Android-vulnerability-highlights-Googles-controversial-patch-policy

ENISA Warns of Internet Vulnerabilities – http://www.databreachtoday.co.uk/enisa-warns-internet-vulnerabilities-a-7814

 

Tools, Tips and How it’s done:

Cyber Attacks: Plan Your Communications Strategy Before They Hit – http://www.business2community.com/crisis-management/cyber-attacks-plan-communications-strategy-hit-01127983

Using SWOT Analysis to Create InfoSec Strategy – http://rafeeqrehman.com/2015/01/18/using-swot-analysis-to-create-infosec-strategy/

Social Engineering Infographic – http://www.jasonstrange.com/2015/01/social-engineering-infographic.html

Tyupkin ATM Malware Analysis – http://resources.infosecinstitute.com/tyupkin-atm-malware-analysis/

How Was Your Credit Card Stolen? – http://krebsonsecurity.com/2015/01/how-was-your-credit-card-stolen/

The Essential Cyber Risk Elements – http://www.livetradingnews.com/essential-cyber-risk-elements-92812.htm#.VL6EqkesWSo

New projects bring early computers back to life – http://www.bbc.co.uk/news/technology-30546592

 

Miscellaneous Privacy stories

Privacy breach inexcusable – Greens – http://www.stuff.co.nz/national/65177409/privacy-breach-inexcusable–greens

Healthcare breaches need a cure for human errors – http://www.csoonline.com/article/2871215/data-breach/healthcare-breaches-need-a-cure-for-human-errors.html#tk.rss_all

Bad news if you tried to access your Outlook email from China this weekend… – http://grahamcluley.com/2015/01/bad-news-tried-access-outlook-email-china-weekend/

Dating apps found ‘leaking’ location data – http://www.bbc.co.uk/news/technology-30880534

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

 

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/

Posted 4 years ago on · Permalink