Information Security Breach Report – 27 January 2015

A roundup of the most recent reports of information security breaches, infosec and privacy stories from around the world.


Breaches, Incidents and Alerts:

Great Firewall of China blasts DDoS attacks at random IP addresses –

Java is the biggest vulnerability for US computers –

PHP 5 Updates Fix Several Vulnerabilities –

OS X 10.10.2 Includes Fix for ‘Thunderstrike’ Hardware Exploit Affecting Macs –

Researchers Tie Qwerty Keylogger to Regin Malware Platform – and

Critical ‘Ghost’ Vulnerability Impacts Linux Systems –

P0wning for the fjords: Malware turns drones into DEAD PARROT –

AT&T short codes exposes users to phishing scams –

Metropolitan State U data breach uncovered following hacker’s blog post –

Startup finds malware intrusions by keeping an eye on processor radio frequencies –

Marriott Customers’ Personal Details Exposed by Simple Web Flaw –

Super Bowl Fans Warned About Vulnerable NFL Mobile App –

Wi-Fi Direct Flaw Exposes Android Devices to DoS Attacks –

Facebook Denies Hackers Caused Outage –

Hacktivists step up web attack volumes –

Lizard Squad threatens Malaysia Airlines with data dump: We DID TOO hack your site –


Miscellaneous Infosec stories:

Cyber Warfare Pushes Colleges to Teach Cybersecurity –

Data Breaches Drive Investments In Security Response, Data Protection –

NSA Releases Defensive Strategies for Fighting Malware Targeting Corporate Data –

Internet of Things Security Challenging Enterprise Networks: Survey –

Turns out Apple Pay can’t solve credit card fraud –

Keylogger: Somebody STOP ME! Oh hang on, I just did –

Cyber crooks make it personal –


US scrambling to hire enough cyber security agents to protect itself –

Australia on the Cyber Offensive –

The vulnerability of our electric utility system to cyber attacks –

Link between NSA and Regin cyberespionage malware becomes clearer –

Tougher cyber-crime laws would unfairly criminalise people –

ENISA draws the Cyber Threat Landscape 2014: 15 top cyber threats, cyber threat agents, cyber-attack methods and threat trends for emerging technology areas –

NIST Publishes Guide to Mobile Apps Vetting –

DDoS Attacks Boom as Hackers Increase Size, Frequency –


Tools, Tips and How it’s done:

How To Fortify Your Company’s Security Defenses –

The Perl Jam: Exploiting a 20 Year-old Vulnerability –

Prep for cyber emergency beforehand –

It’s Okay to Fail – Security is a Problem That Can’t be Solved –

Neuroscience Meets Cryptography: Designing Crypto Primitives Secure Against Rubber Hose Attacks –

6 DNS services protect against malware and other unwanted content –

Building A Cybersecurity Program: 3 Tips –

Top Five Hacker Tools Every CISO Should Understand –

Five More Hacker Tools Every CISO Should Understand –

DNS tips and tricks –

APTs: Minimizing losses with early detection –

The NSA’s infosec tips won’t stop you from being hacked –,the-nsas-infosec-tips-wont-stop-you-from-being-hacked.aspx

Lockitron Announces The $99 Bolt, A Deadbolt You Can Unlock With Your Phone –

Deconstructing an IRS Phishing scam –

Real time Drone object tracking using Python and OpenCV –

How to Hack an ADT Alarm System –


Miscellaneous Privacy stories:

DEA cameras tracking hundreds of millions of car journeys across the US –

F.T.C. Says Internet-Connected Devices Pose Big Risks –

UK Legislators Hoping To Rush Through New ‘Snooper’s Charter’ In The Wake Of The Charlie Hebdo Attacks –

Facebook goes ‘deep’ in getting to know you –

Five myths (debunked) about security and privacy for Internet of Things –


If you would like this report sent to your inbox each morning, email me at


You can see all previous issues of this blog at


My Linkedin Profile is
