Information Security Breach Report – 26 January 2015

A round up of the most recent reports of information security breaches, infosec and privacy stories from around the world.

 

Breaches, Incidents and Alerts:

DHS Intelligence Assessment: Malicious Cyber Actors Target US Universities and Colleges – https://publicintelligence.net/dhs-university-cyber-threats/

5800 Gas Station Tank Gauges vulnerable to cyber attacks – http://securityaffairs.co/wordpress/32630/security/5800-gas-station-tank-gauges-flawed.html

Isle of Wight site hack gives cities dose of cyber fear – http://hamptonroads.com/2015/01/isle-wight-site-hack-gives-cities-dose-cyber-fear

Hackers could infiltrate NSW traffic and sewage systems, Auditor-General Grant Hehir warns – http://www.canberratimes.com.au/it-pro/security-it/hackers-could-infiltrate-nsw-traffic-and-sewage-systems-auditorgeneral-grant-hehir-warns-20150125-12xkag.html

No major damage after official websites hacked, says ADA – http://timesofindia.indiatimes.com/city/agra/No-major-damage-after-official-websites-hacked-says-ADA/articleshow/46014317.cms

Oil and gas industry preparing for cyber attacks – http://www.630ched.com/2015/01/25/oil-and-gas-industry-preparing-for-cyber-attacks/

Russian Dating Site Topface Hacked for 20 Million User Names – http://www.businessweek.com/news/2015-01-25/hacker-steals-20-million-passwords-from-unidentified-dating-site

UK: Downing Street security breach as hoax call is put through to PM David Cameron – http://www.ibtimes.co.uk/uk-downing-street-security-breach-hoax-call-put-through-pm-david-cameron-1485085

Malaysia Airlines website ‘compromised’ by ‘cyber caliphate’ Lizard Squad hackers – http://www.abc.net.au/news/2015-01-26/malaysia-airlines-website-hacked-by-lizard-squad/6047032

Siemens Fixes Vulnerabilities in SCALANCE, SIMATIC Solutions – http://www.securityweek.com/siemens-fixes-vulnerabilities-scalance-simatic-solutions

 

Miscellaneous Infosec stories:

Auto Dealers Susceptible to Cyber Crime by Association – http://wardsauto.com/nada/auto-dealers-susceptible-cyber-crime-association

Efficient Alert Management Lacking in Many Organizations: Report – http://www.securityweek.com/efficient-alert-management-lacking-many-organizations-report

Patchapalooza: In 2015, software patches, software security flaws surge – http://searchsecurity.techtarget.com/news/2240238784/Patchapalooza-In-2015-software-patches-software-security-flaws-surge

‘Two-step’ solution locks out cyber thieves – http://www.sacbee.com/news/business/article8035884.html

Kaspersky exec: Criminals get smarter along with tech – http://www.dailyherald.com/article/20150124/business/150129523/

Target Data Breach Class Action Gets Approval – http://www.lawyersandsettlements.com/articles/data-breach/target-judge-paul-magnuson-home-depot-us-district-20410.html#.VMXqhf6sWSo

The claim process for Sony’s $15 million PSN breach lawsuit starts now – http://www.engadget.com/2015/01/24/psn-breach-payment-form/

Apple agrees to China’s security checks on iPhones – http://cio.economictimes.indiatimes.com/news/digital-security/apple-agrees-to-chinas-security-checks-on-iphones/46003416

Hackers expose cyber flaws – http://www.theaustralian.com.au/news/hackers-expose-cyber-flaws/story-e6frg6n6-1227196446934?nk=4c09a157f2bcfce6793d5d9785e004d4

Charities must face up to their cyber risk – http://newsandviews.zurich.co.uk/talking-point/charities-must-face-up-to-their-cyber-risk/

Bank of England says lenders must do more to shore up cyber defences – http://threatbrief.com/bank-england-says-lenders-must-shore-cyber-defences/

Privileged Users Top List of Insider Threat Concerns: Survey – http://www.securityweek.com/privileged-users-top-list-insider-threat-concerns-survey

 

Tools, Tips and How it’s done:

Flash 0-Day: Deciphering CVEs and Understanding Patches – https://isc.sans.edu/diary/Flash+0-Day%3A+Deciphering+CVEs+and+Understanding+Patches/19223

Remove Your Incident Analysis Bottleneck To Improve Your Time To Contain – https://community.rapid7.com/community/userinsight/blog/2015/01/23/remove-your-incident-analysis-bottleneck-to-improve-your-time-to-contain

Data Breaches Hit the Board Room: How to Address Claims Against Directors and Officers – http://www.hldataprotection.com/2015/01/articles/cybersecurity-data-breaches/data-breaches-hit-the-board-room/

The importance of email encryption software in the enterprise – http://searchsecurity.techtarget.com/feature/The-importance-of-email-encryption-software-in-the-enterprise

How businesses can neutralize cyber security threats in 2015 – http://www.bnn.ca/News/2015/1/24/How-businesses-can-neutralize-cyber-security-threats-in-2015.aspx

Expert discusses cyber attacks and their effect on security, defense – http://whnt.com/2015/01/25/expert-discusses-cyber-attacks-and-their-effect-on-security-defense/

Government offers tips on how to defend your network – http://www.itproportal.com/2015/01/25/government-offers-tips-defend-network/

Business Forum: Companies need a detailed data breach battle plan – http://www.startribune.com/business/289651661.html

How to get a copy of every Tweet you’ve ever posted – http://cio.economictimes.indiatimes.com/news/social-media/how-to-get-a-copy-of-every-tweet-youve-ever-posted/46016898

Internet Society Approach to Cyber Security Policy – http://www.internetsociety.org/news/internet-society-approach-cyber-security-policy

Researchers Detail Regin Attack Platform Modules – http://www.securityweek.com/researchers-detail-regin-attack-platform-modules

 

Miscellaneous Privacy stories

Researchers Examine Location Tracking in Mobile Apps: ShmooCon – http://www.securityweek.com/researchers-examine-location-tracking-mobile-apps-shmoocon

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

 

You can see all previous issues of this blog at http://blog.srm-solutions.com/

or www.jonfisherthoughts.co.uk

My Linkedin Profile is uk.linkedin.com/in/jonfisher99/

Posted 3 years ago on · Permalink