Information Security Breach Report – 23 January 2015

A roundup of the most recent reports of information security breaches, infosec and privacy stories from around the world.


Breaches, Incidents and Alerts:

Security Advisory – Vulnerabilities in Pagelines/Platform theme for WordPress –

MnSCU campus warns of ‘likely’ data breach –

Schneider Electric SCADA Gateway contains Hard-Coded FTP Credentials –

Atlassian Fixes Critical Vulnerability in Several Products –

New CTB-Locker Variant Allows Victims to Recover 5 Files for Free –

‘Scarab’ Hackers Focus Aim on Select Russian Targets in Attack Campaigns –

Email Scam Nets $214 Million in 14 Months: FBI –

Travelers Blames Web Designer In Bank Website Data Breach –

MS SQL Server Resolution Service enables reflected DDoS with 440x amplification –

Data breach hits MPISD employees –

Adobe Investigating Flash Player Zero-Day Found in Angler Exploit Kit –


Miscellaneous Infosec stories:

IT’s security metrics and reporting problem: A communication failure –

Lack of security in small companies means big risk for the enterprise –

Davos 2015: Banks call for free rein to fight cyber crime –

CISOs must adopt ‘all hands on deck’ approach to defend against cyber attacks: Study –

GCHQ Used Compromised Hardware To Suck Data And Communications Out Of Exploit-Resistant iPhones –

Younger users prefer biometrics to passwords –

Report: Popularity of biometric authentication set to spike –

The State of Security this Past Year is Just a Glimpse of What’s to Come in 2015 –

The 7 biggest lies you’ve been told about hacking –

Hack Group Spokesman Sentenced to 63 Months in Prison –

As 0days get meaner, Google defenses increasingly outpace Microsoft –


2014 in infosec: Spammers sneak small botnets under the wire, Java is dull –

The supremely befuddling cyber attack that stumped an industry –

Cyber Vulnerabilities Threaten National Security –

‘International cyber warfare is becoming more sophisticated’ –

Retailers are facing up to severe threat posed by cyber security lapses, says top lawyer –

Security Budgets Going Up, Thanks To Mega-Breaches –

Data breaches and hacking attacks rise as Irish firms wrestle with rules –


Tools, Tips and How it’s done:

Knowing when there has been a data breach from your database –

Yes, 123456 is the most common password, but here’s why that’s misleading –

How to Keep Client Data Safe From Online Attackers –

Social Engineering – A Constant Threat –


Miscellaneous Privacy stories:

Snowden doesn’t use iPhone for security reasons –

Privacy is Dead, Davos Hears –

Illinois Says Rule-Breaking Students Must Give Teachers Their Facebook Passwords –

