Information Security Breach Report – 23 February 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

Breaches, Incidents and Alerts:

BIND Security Update Fixes Server Crash Flaw – http://www.securityweek.com/bind-security-update-fixes-server-crash-flaw

Gogo Inflight Internet is Intentionally Issuing Fake SSL Certificates – http://www.symantec.com/connect/blogs/gogo-inflight-internet-intentionally-issuing-fake-ssl-certificates

CAVIRTEX Finally Stops Operating Due to Recent Security Breach – http://securitygladiators.com/2015/02/20/cavirtex-shut-down-finally/

Seals With Clubs suffers security breach, shuts down Bitcoin-based online poker room – http://aarontodd.casinocitytimes.com/article/seals-with-clubs-suffers-security-breach-shuts-down-bitcoin-based-online-poker-room-64060

White House network almost back after breach – http://thehill.com/policy/cybersecurity/233376-white-house-network-almost-back-after-breach

Data breach at Lone Star Circle of Care affects 8,700 – http://www.statesman.com/news/news/data-breach-at-lone-star-circle-of-care-affects-87/nkFyY/

Police warn against ‘Microsoft’ scammers – http://cyprus-mail.com/2015/02/20/police-warn-against-microsoft-scammers/

Privacy Breach at Motor Vehicle Registration – http://www.vocm.com/newsarticle.asp?mn=2&id=52823&latest=1

Android malware fakes phone shutdown to steal data – http://www.csoonline.com/article/2886979/malware-vulnerabilities/android-malware-fakes-phone-shutdown-to-steal-data.html#tk.rss_all

Virus posing as ‘The Interview’ movie link hits cyberspace – http://cio.economictimes.indiatimes.com/news/digital-security/virus-posing-as-the-interview-movie-link-hits-cyberspace/46313347

“TNT” gang has released a new hardware TDoS tool in the criminal underground – http://securityaffairs.co/wordpress/33867/cyber-crime/tnt-gang-released-tdos-tool.html

 

Miscellaneous Infosec stories:

Surprise! America Already Has a Manhattan Project for Developing Cyber Attacks – http://www.wired.com/2015/02/americas-cyber-espionage-project-isnt-defense-waging-war/

Turkey Seeks National Plan for Cyber Threats – http://www.defensenews.com/story/defense/policy-budget/cyber/2015/02/21/turkey-cyber-tubitak-cybersecurity-ssm-software/23636627/

Bahrain cracks down on rampant cyber crime cases – http://www.shanghaidaily.com/article/article_xinhua.aspx?id=269388

Revelation of Secret Spyware Could Hamper US Espionage Efforts – http://www.voanews.com/content/revelation-of-secret-spyware-could-hamper-us-espionage-efforts/2653015.html

Corporate espionage: Well-oiled leak machine at mantralayas – http://timesofindia.indiatimes.com/india/Corporate-espionage-Well-oiled-leak-machine-at-mantralayas/articleshow/46328566.cms

JPMorgan Goes to War – http://www.bloomberg.com/news/articles/2015-02-19/jpmorgan-hires-cyberwarriors-to-repel-data-thieves-foreign-powers

Could a North Korean spy be ripping you off online? Impoverished dictatorship uses hackers to steal £1billion a year from the west – http://www.dailymail.co.uk/news/article-2875763/Could-North-Korean-SPY-ripping-online-Impoverished-dictatorship-uses-hackers-steal-1billion-year-west.html

Cyber Threat in Globalized World – http://www.hazar.org/blogdetail/blog/cyber_threat_in_globalized_world_1115.aspx

Regaining Consumer Trust Post-Breach Starts at the Point of Sale – http://www.paymentssource.com/news/interchange/regaining-consumer-trust-post-breach-starts-at-the-point-of-sale-3020599-1.html

State Department official: The department deals with thousands of cyber attacks every day – http://newsmaine.net/22503-state-department-official-department-deals-thousands-cyber-attacks-every-day

Computer Security in the Real World – http://research.microsoft.com/en-us/um/people/blampson/69-SecurityRealIEEE/69-SecurityRealIEEE.htm

HSBC Whistleblower: Thief or Hero? Debatable … Preventable Data Breach? Absolutely – http://www.sys-con.com/node/3303009

Phone fraud becoming more prevelant – http://www.kare11.com/story/news/local/2015/02/20/phone-fraud-becoming-more-prevelant/23779187/

Knowing the Basics of SMB Cyber Security – https://smallbusinesssolutions.blogs.xerox.com/2015/02/19/knowing-the-basics-of-smb-cyber-security/#.VOrSAvmsV8E

Artificial Intelligence May Save Us From New Breed of Cyber Threats – http://www.cio.com/article/2886748/security0/artificial-intelligence-may-save-us-from-new-breed-of-cyber-threats.html

Windows SSL Interception Gone Wild – https://www.facebook.com/notes/protect-the-graph/windows-ssl-interception-gone-wild/1570074729899339

SEC on the prowl for cyber security cases: official – http://www.reuters.com/article/2015/02/20/us-sec-cyber-idUSKBN0LO28H20150220

Does China Really Know How to Wage Cyber War? – http://thediplomat.com/2015/02/does-china-really-know-how-to-wage-cyber-war/

Don’t wait until you’re attacked to take cybersecurity seriously – http://www.net-security.org/secworld.php?id=17978&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29

What will happen to the Lizard Squad hackers? – http://www.theguardian.com/technology/2015/feb/20/lizard-squad-hackers-lulzsec-anonymous-what-will-happen

Cyber-security: US government cannot keep hackers out of national networks – http://www.independent.co.uk/news/world/americas/cybersecurity-us-government-cannot-keep-hackers-out-of-national-networks-10060206.html

Who Cares Who’s Behind A Data Breach? – http://www.darkreading.com/attacks-breaches/who-cares-whos-behind-a-data-breach/a/d-id/1319162

PUBLIC SECTOR FACES RISE IN CYBER-ATTACKS – http://www.cbronline.com/news/security/public-sector-faces-rise-in-cyber-attacks-4517223

Hidden costs of Sony’s data breach will add up for years, experts say – http://siliconangle.com/blog/2015/02/20/hidden-costs-of-sonys-data-breach-will-add-up-for-years-experts-say/?angle=silicon

Information technology leaders feel ill-equipped to handle escalating cyber threats – http://phys.org/news/2015-02-technology-leaders-ill-equipped-escalating-cyber.html

Research Centre Tackles Cybercrime – http://www.inforisktoday.com/research-centre-tackles-cybercrime-a-7935

 

Tools, Tips and How it’s done:

PowerSpy – How to spy on mobile users by monitoring the power supply – http://securityaffairs.co/wordpress/33934/hacking/powerspy-spy-on-mobile.html

Patching Haste Makes Waste – http://www.infosecdailynews.com/patching-haste-makes-waste/

How to test your PC for the new “Superfish” security vulnerability – http://cio.economictimes.indiatimes.com/news/digital-security/how-to-test-your-pc-for-the-new-superfish-security-vulnerability/46329529

SecureTV Interviews The Legend BlackHAT Hacker Kevin D. Mitnick – http://www.tonavids.com/video_yIkAtGjGO_g_SecureTV-Interviews-The-Legend-BlackHAT-Hacker-Kevin-D.-Mitnick.html

Ethical Hacking Course – Part 1 – http://www.dailymotion.com/video/x2hrvhz_ethical-hacking-course-part-1-kali-linux-introduction-installation_school

Ethical Hacking Course – The rest – http://www.dailymotion.com/gb/relevance/universal/search/Ethical+Hacking+Course/1

Say What? Required contents of notice in data breach notifications – http://www.welivesecurity.com/2015/02/21/required-contents-of-notice-data-breach-notification/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+eset%2Fblog+(ESET+Blog%3A+We+Live+Security)

The real cost of a data breach – http://www.retaildive.com/news/the-real-cost-of-a-data-breach/363587/

Cyber Criminals Use Patience, Persistence and Patsies to Fleece Banks for Hundreds of Millions – http://www.virtual-strategy.com/2015/02/21/cyber-criminals-use-patience-persistence-and-patsies-fleece-banks-hundreds-millions#axzz3SVwRfUR0

Data Breach Risks from Spear Phishing – http://privacylawadvisor.com/data-breach-risks-from-spear-phishing/

Hacking the Human OS: A Report on Social Engineering – http://www.itsecurityalerts.com/hacking-the-human-os-a-report-on-social-engineering/

Be your own Big Brother: Covert home spy gadgetry – http://www.theregister.co.uk/2015/02/21/be_your_own_big_brother_people/

Top 3 Takeaways from the “Escalate your Efficiency: How to Save Time on Penetration Testing” Webcast – https://community.rapid7.com/community/metasploit/blog/2015/02/20/top-3-takeaways-from-the-escalate-your-efficiency-how-to-save-time-on-penetration-testing-webcast

Google Webfonts, The Spy Inside? – http://fontfeed.com/archives/google-webfonts-the-spy-inside/

Top 10 DNS attacks likely to infiltrate your network – http://www.csoonline.com/article/2887220/data-protection/top-10-dns-attacks-likely-to-infiltrate-your-network.html#tk.rss_all

NIST Shows Crystal Pattern Mapping Can Recover Obliterated Serial Numbers in Metals – http://www.nist.gov/public_affairs/tech-beat/tb20150218.cfm#ebsd

Experimenting with Honeypots Using The Modern Honey Network – https://zeltser.com/modern-honey-network-experiments/

Is Your Small Business Prepared for a Data Breach Event? New ‘White Paper’ Explores Small Businesses ID Theft and Data Breach Trends – http://www.prweb.com/releases/2015/02/prweb12528343.htm

How Syrian Hackers Nearly Hijacked Wix by Way of Google Apps – http://recode.net/2015/02/20/how-syrian-hackers-nearly-hijacked-wix-by-way-of-google-apps/

How cybercriminals hack our brains – http://www.net-security.org/secworld.php?id=17977

Patching Haste Makes Waste – http://blog.lumension.com/9831/patching-haste-makes-waste/

Understanding the Hacker Mindset – http://www.bankinfosecurity.com/interviews/understanding-hacker-mindset-i-2589

Forced Perspective: Your Cyberdefense Tactics Appear Bigger Than They Are – http://www.securityweek.com/forced-perspective-your-cyberdefense-tactics-appear-bigger-they-are

Tracing an Injected iframe – http://ranger-cha.blogspot.co.uk/2015/02/tracing-injected-iframe.html

 

Miscellaneous Privacy stories

Cyber crime and a mistaken search upend the lives of innocent Kalispell couple – http://www.dailyinterlake.com/members/cyber-crime-and-a-mistaken-search-upend-the-lives-of/article_181876ac-ba20-11e4-88ff-abd63141c727.html

800,000 people get bad tax info in latest Healthcare.gov snafu – http://www.engadget.com/2015/02/20/healthcare-gov-tax-snafu/?ncid=rss_truncated

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/


 

Posted 3 years ago on · Permalink