News – March 2017


  • Over 65.3M LinkedIn Users Have Weak Passwords, the Rest Can Be Easily Cracked

    March 13, 2017

    Last year, LinkedIn suffered a massive data breach where millions of passwords were leaked, and it seems that out of the entire trove of data, 35% of users were using weak passwords to begin with, while other 65% were using passwords that can be cracked. Researchers at behavioral firewall company Preempt wanted to know how many ...

  • Cybersecurity: Why every member of staff has a role to play

    March 13, 2017

    A recent study by ISC² found that when it comes to cybersecurity, over half of British companies are “chronically understaffed” without the right number of IT specialists to deal with online threats. Worryingly, the same research said that the global shortfall of cyber security workers was set to reach 1.8 million in the next five years, ...

  • US Military Security Clearance Files Leak Due to Unsecured Drive

    March 13, 2017

    US Air Force documents were left on an unsecured backup drive, exposing highly sensitive personnel files on over 4,000 senior and high-ranking officers. According to MacKeeper Security Researchers, the gigabytes of files were accessible to anyone because there was no password to protect the backup drive. It seems the information found there varied from names and ...

  • Malware infecting Androids somewhere in the supply chain

    March 12, 2017

    Smartphones from Samsung, LG, Xiaomi, ZTE, Oppo, Vivo, Asus and Lenovo have been spotted sporting malware they apparently carried when they were shipped. The malware discovered by Check Point Software Technologies included info-stealers, ransomware like Slocker; Loki, which shows “illegitimate advertisements” to generate revenue while stealing device information; and information stealers. Check Point says it found infections ...

  • Cybersecurity And Financial Institutions: How New York’s “First-In-The-Nation” Data Security Regulations May Impact You

    March 11, 2017

    March 1, 2017 marked the implementation of New York’s cybersecurity regulations, subjecting covered financial institutions to arguably the most burdensome cybersecurity regime yet. The regulations, promulgated by the New York State Department of Financial Services (“NYDFS”), require banks, insurance companies, and other entities regulated by NYDFS to establish substantive cybersecurity programs and policies and to annually ...

  • Smart machines v hackers: How cyber warfare is escalating

    March 10, 2017

    There is a gaping hole in the digital defences that companies use to keep out cyber thieves. The hole is the global shortage of skilled staff that keeps security hardware running, analyses threats and kicks out intruders. Currently, the global security industry is lacking about one million trained workers, suggests research by ISC2 – the industry body ...

  • Privilege Escalation Flaw Patched in Schneider Wonderware

    March 10, 2017

    Data analysis and visualization software deployed inside a larger operational intelligence software sold by Schneider Electric has been patched against a critical privilege escalation vulnerability. The vulnerability was discovered in-house by Schneider Electric engineers in the Tableau server/desktop products. Versions 7.0 to 10.1.3 of the software running inside Schneider’s Wonderware Intelligence 2014R3 and earlier are affected. “The ...

  • Security & Counter Terror Expo 2017: an international platform for global security

    March 9, 2017

    UK’s leading national security event returns to London in May with a programme created to help those tasked with keeping nations, assets and businesses safe Terrorism has become part of every day life. Over the past 12 months, Europe has experienced some the deadliest attacks in its history and the threat level remains high worldwide. One of ...

  • Cyber Security in a Transport Revolution

    March 9, 2017

    The transport industry is undergoing a technological revolution driven by connectivity, Big Data, autonomy and Artificial Intelligence (AI). Driverless cars are on the horizon and the Internet of Things is being developed throughout our current transport infrastructure. However, these technologies pose some significant issues, particularly in the area of cyber security. To address some of these ...

  • Security Fail: Hackers Drawn to Energy Sector’s Lack of Controls

    March 8, 2017

    Oil and gas companies, including some of the most celebrated industry names in the Houston area, are facing increasingly sophisticated hackers seeking to steal trade secrets and disrupt operations, according to a newspaper investigation. A stretch of the Gulf Coast near Houston features one of the largest concentrations of refineries, pipelines and chemical plants in the ...

  • Major spam operation suffers data leak containing 1.4 billion records

    March 6, 2017

    A spamming group called River City Media (RCM), led by well known spammers Alvin Slocombe and Matt Ferris, has had its database of 1.4 billion records leaked. Revealed by Chris Vickery from the MacKeeper Security Researcher, in cooperation with CSO Online and Spamhaus, the researchers“stumbled upon a suspicious, yet publicly exposed, collection of files. Someone had ...

  • Hacker Selling Over 1 Million Decrypted Gmail and Yahoo Passwords On Dark Web

    March 6, 2017

    Hardly a day goes without headlines about any significant data breach. In past year, billions of accounts from popular sites and services, including LinkedIn, Tumblr, MySpace, Last.FM, Yahoo!, VK.com were exposed on the Internet. Now, according to the recent news, login credentials and other personal data linked to more than one Million Yahoo and Gmail accounts ...

  • Undetectable Mac Malware Proton for Sale on the Dark Web for 40 BTC

    March 6, 2017

    Hackers are now selling malware for Mac devices straight out on the dark web. They claim the malware is undetectable and provides hackers with the ability to take full control over MacOS devices by evading antivirus software. Proton, as it has been named, the malware is a Remote Administration Tool that is currently being sold over ...

  • This hard drive will self destruct. Data-wiping malware targets Europe

    March 6, 2017

    Shamoon—the mysterious disk wiper that popped up out nowhere in 2012 and took out more than 35,000 computers in a Saudi Arabian-owned gas company before disappearing—is back. Its new, meaner design has been unleashed three time since November. What’s more, a new wiper developed in the same style as Shamoon has been discovered targeting a ...

  • U.S. oil and gas companies are ‘still trying to catch up’ on cybersecurity, experts say

    March 6, 2017

    Digital systems and internet networks belonging to U.S. oil and gas companies have increasingly come under attack from hackers in recent years, experts tell CyberScoop. The Homeland Security Department received — between 2011 and 2015 — roughly 350 reports from domestic energy companies who were concerned about hackers probing or breaking into their systems, according to ...

  • WikiLeaks reveals CIA files describing hacking tools

    March 6, 2017

    WikiLeaks published thousands of documents Tuesday described as secret files about CIA hacking tools the government employs to break into users’ computers, mobile phones and even smart TVs from companies like Apple, Google, Microsoft and Samsung. The documents describe clandestine methods for bypassing or defeating encryption, antivirus tools and other protective security features intended to keep ...

  • New Fileless Malware Uses DNS Queries To Receive PowerShell Commands

    March 5, 2017

    It is no secret that cybercriminals are becoming dramatically more adept, innovative, and stealthy with each passing day. While new forms of cybercrime are on the rise, traditional activities seem to be shifting towards more clandestine techniques that involve the exploitation of standard system tools and protocols, which are not always monitored. The latest example of such ...

  • One-third of global firms will fall in cyber attack, says report

    March 5, 2017

    According to a new report, if there was a cyber attack on global firms, almost 73 per cent of them will fail to identify the threat and ward off any damage to their important data and high-value assets. An era where technology is evolving in leaps and bounds, hacking is no longer a rocket science ...

  • Europe Tackles Cybersecurity

    March 3, 2017

    Several European countries have moved to adopt distinct cybersecurity measures as a result of the increased interconnectivity within Europe’s energy system along with a changing paradigm that includes decentralized power sources, the integration of electric vehicles, new digital infrastructure, and connected operational technology. According to a 2016 survey by the European Commission, at least 80% of ...

  • New Data: High Cyber Security Maturity in IT, Telco, Finance, but Health Care and Energy Lag Behind

    March 2, 2017

    Australia’s first cyber security collaboration platform – Security Colony (securitycolony.com) – today released its “Vendor Risk Assessment” tool, enabling any organisation to risk assess their internet facing sites, and receive a profile reflecting their cyber security maturity. To demonstrate the system, scores were calculated for each of the ASX 100 companies. Analysed by industry, the average ...