Information Security Breach Report – 28 November 2014

A daily roundup of the most recent reports of information security breaches, plus infosec and privacy stories from around the world.

You can always access the latest report and all previous reports at www.jonfisherthoughts.co.uk

 

Breaches, Incidents and Alerts:

Uber on your Android phone steals your data – http://cio.economictimes.indiatimes.com/news/digital-security/uber-on-your-android-phone-steals-your-data/45303910

Shutterfly web properties suffer data breach – http://www.csoonline.com/article/2852901/data-breach/shutterfly-web-properties-suffer-data-breach.html#tk.rss_all

Firms lose £2m in social engineering trick – http://www.lawgazette.co.uk/practice/firms-lose-2m-in-social-engineering-trick/5045403.article

New PoS Malware Hits E-kiosks and Ticket Vending Machines – http://www.securityweek.com/new-pos-malware-hits-e-kiosks-and-ticket-vending-machines

Syrian Electronic Army hacks websites via Gigya’s login service – https://gigaom.com/2014/11/27/syrian-electronic-army-hacks-websites-via-gigyas-login-service/

A Tale of Two Powerpoint Vulnerabilities – https://www.f-secure.com/weblog/archives/00002756.html

Hackers target parliament website? – http://www.thenews.pl/1/9/Artykul/188615,Hackers-target-parliament-website

PoS malware d4re|dev1| is also targeting Mass Transit Systems – http://securityaffairs.co/wordpress/30570/cyber-crime/pos-malware-dareldevil.html

 

Miscellaneous Infosec stories:

Retailers data breaches could get ‘ugly’ during holiday season – http://www.mercurynews.com/business/ci_27025645/retailers-data-breaches-could-get-ugly-during-holiday

Edward Snowden: best … security … educator … EVER! – http://www.theregister.co.uk/2014/11/28/the_snowden_effect_not_just_diplomatic_drama/

TOP TEN THINGS ABOUT UK CYBER SECURITY – http://www.cbronline.com/news/security/top-ten-things-about-uk-cyber-security-4453431

Data breach incidents by quarter – https://ico.org.uk/enforcement/trends

Penalties for losing sensitive data – http://www.professionalsecurity.co.uk/news/interviews/penalties-losing-sensitive-data/

Analysis of leaked logs from Syria’s censoring national firewall – http://boingboing.net/2014/11/27/analysis-of-leaked-logs-from-s.html

Biometrics in smartphones need more control – ex-GCHQ boss – http://www.bbc.co.uk/news/uk-politics-30211238

A WHOPPING 8 million Windows Server 2003 systems still out there – http://www.channelregister.co.uk/2014/11/27/windows_server_2003_tech_data_gartner/

Giovanni Buttarelli named new data protection watchdog – http://www.europarl.europa.eu/news/en/news-room/content/20141127IPR81016/html/Giovanni-Buttarelli-named-new-data-protection-watchdog

For cyber safety, UK turns to Israeli tech – http://www.timesofisrael.com/for-cyber-safety-uk-turns-to-israeli-tech/

Italy: Garante introduces ‘progressive’ mandatory breach notification – http://www.dataguidance.com/dataguidance_privacy_this_week.asp?id=3023

Client: “We used to have pentests, but they kept giving us bad reports, so we stopped them…” – http://securityreactions.tumblr.com/post/103565292717/client-we-used-to-have-pentests-but-they-kept

Global outage of AWS CloudFront CDN on Nov 26 2014 – http://www.turbobytes.com/blog/cloudfront-cdn-global-outage/

CYBER-THANKSGIVING: WHAT INFOSEC PROFESSIONALS ARE THANKFUL FOR – http://www.tripwire.com/state-of-security/off-topic/cyber-thanksgiving-what-infosec-professionals-are-thankful-for/

This Artist’s Images Integrate Code From Malware Like Stuxnet and Flame – http://www.wired.com/2014/11/malware-art/#slide-id-1662013

“My, what an ENORMOUS malware infection you have!” [PODCAST] – https://nakedsecurity.sophos.com/2014/11/27/sscc-175-my-what-an-enormous-malware-infection-you-have-podcast/

Cyber security among six UK industries competing for skills, says IET – http://www.computerweekly.com/news/2240235477/Cyber-security-among-six-UK-industries-competing-for-skills-says-IET

So, who *did* write the Regin malware? – http://grahamcluley.com/2014/11/write-regin-malware/

If necessary will shut mobile, Facebook to prevent question leak during exams – http://bdnews24.com/bangladesh/2014/11/27/if-necessary-will-shut-mobile-facebook-to-prevent-question-leak-during-exams-nahid

 

Tools, Tips and How it’s done:

300,000 WordPress hacking attempts and 5 observations – http://simonfredsted.com/1260

101 Bad Android Apps – https://www.f-secure.com/weblog/archives/00002757.html

Cyber shopping: 12 tips from police to foil cyber scammers – http://www.thestar.com/news/world/2014/11/27/cyber_shopping_12_tips_from_police_to_foil_cyber_scammers.html

 

Miscellaneous Privacy stories:

Bitcoin Not That Anonymous Afterall – http://www.darknet.org.uk/2014/11/bitcoin-not-anonymous-afterall/

Home Office: Fancy flogging us some SECRET SPY GEAR? – http://www.theregister.co.uk/2014/11/27/home_office_tender_top_secret_surveillance_gear/

Stop selling spyware to despotic regimes, beg MEPs – http://www.theregister.co.uk/2014/11/27/stop_selling_spyware_to_despotic_regimes_beg_meps_weve_enough_trouble_here/

 

 

If you would like this report sent to your inbox each morning, email me at jon.fisher@srm-solutions.com

 

You can see all previous issues of this blog at www.jonfisherthoughts.co.uk

My LinkedIn profile is uk.linkedin.com/in/jonfisher99/

