News – October 2015

Inaugural APHS Conference and Exhibition Kicked Off with Participants from Over 40 Countries
October 30, 2015
The inaugural Asia Pacific Homeland Security (APHS) conference and exhibition (CONFEX) has confirmed its spot as the leading urban resilience forum, hosting participants from over 40 countries and 20 delegations from ASEAN countries as well as from Fiji, Maldives, Mongolia, Pakistan and Sri Lanka this week.

MySQL servers hijacked with malware to perform DDoS attacks
October 28, 2015
Attackers are compromising MySQL servers with the Chikdos malware to force them to conduct DDoS attacks against other targets.

New “FrostyURL” Zero-Day in Rockwell Automation PLC Can Shut Down Operational Networks
October 28, 2015
Industrial automation solutions provider Rockwell Automation on Tuesday released firmware updates and mitigations to address several vulnerabilities identified by researchers in some of the company’s programmable logic controllers (PLCs).

Unpatched browser weaknesses can be exploited to track millions of Web users
October 27, 2015
Over the past decade, there’s been a privacy arms race between unscrupulous website operators and browser makers.

Dridex Banking Trojan Targets Users in France
October 27, 2015
The Dridex banking Trojan is still active, despite arrests and damage caused to the threat’s infrastructure

Bail For Boy, 15, Following TalkTalk Hack Arrest
October 27, 2015
A 15-year-old boy who was arrested over an alleged cyber attack on TalkTalk has been released on bail

US Senate passes controversial cybersecurity-cyberspying bill 74-21
October 27, 2015
The Senate overwhelming approved the so-called Cybersecurity Information Sharing Act (CISA) on Tuesday.

Top German official infected by highly advanced spy trojan with NSA ties
October 26, 2015
German authorities are investigating whether the head of the German Federal Chancellery unit had his laptop infected with Regin

Department of Energy invests $34M in cybersecurity for critical infrastructure
October 23, 2015
The Department of Energy (DOE) has announced that it will invest $34M to the University of Arkansas and the University of Illinois for two projects designed to “improve and enhance” the protection of the U.S. electric grid, and oil and natural gas infrastructure from cyber threats

Why the private sector is poaching cyber security experts from the public sector
October 23, 2015
Over the last year, we have seen a large number of candidates making the move from public sector to private.

Cisa amendment would allow US to jail foreigners for crimes committed abroad
October 22, 2015
An amendment to a controversial cybersecurity bill will allow US courts to pursue and jail foreign nationals even if the crimes they commit are against other foreigners and on foreign soil.

Autumn 2015 edition of the Cyber Security Review magazine is now available to read online and in print
October 22, 2015
Keep up with the latest industry trends, read in-depth analysis and insights from EEAS – EU European External Action Service, U.S. Securities and Exchange Commission, ICAO, UK MoD Defence Science and Technology Laboratory and many more.

UK spies to monitor cybersecurity at Chinese-built nuclear plants?
October 21, 2015
UK spies are to reportedly monitor computer systems at new nuclear power plants built by Chinese companies.

WikiLeaks Is Publishing the CIA Director’s Hacked Emails
October 21, 2015
On Wednesday, the secret-spilling group published a series of selected messages and attachments from a trove of emails taken from Brennan’s AOL account.

At DefCamp 2015 you will learn how easy your online data can be stolen from, how your privacy is violated and what are the techniques used to break critical systems security
October 20, 2015
The Internet is perhaps the greatest invention of the twentieth century and made possible, since 2000, the rise in popularity for smart devices such as smartphones and social networks like Facebook, Twitter or LinkedIn.

‘No Excuses’ As Western Digital Leaves Gaping Crypto Flaws In Hard Drives
October 20, 2015
Researchers Gunnar Alendal, Christian Kisson and ‘modg’ claime to have uncovered various issues in Western Digital’s My Passport series of pre-encrypted hard drives.

More than 250 iOS Apps Caught Using Private APIs to Collect Users’ Private Data
October 19, 2015
Apple is cleaning up its iTunes App Store again – for the third time in two months – following another flood of iOS apps that secretly collect users’ personal information.

Pentagon orders broad initiative to drive cybersecurity compliance, change cyber ‘culture’
October 19, 2015
The Defense Department is spending tens of millions of dollars per year to clean up after cybersecurity breaches – about 80 percent of which are caused by defensive lapses like poor user behavior and failure to apply software patches.

Anonymous cited in Web outages at two Japan airports
October 17, 2015
On Oct. 10, the website of Narita International Airport went down for about eight hours from around 2:30 a.m. after being overwhelmed by multiple-source traffic.

Australian organisations giving up more revenue to cybercrime
October 16, 2015
The average annual cost of cyber crime for an Australian organisation has increased by 13 per cent to $4.9 million, according to HP’s sixth annual global study on cybercrime.

Hackers Are Tapping Into Mobile Networks’ Backbone, New Research Shows
October 16, 2015
A survey of a handful of large mobile operators on each continent showed that hackers have been exploiting a key signalling protocol for routing cellular calls known as SS7

Prime Diffie-Hellman Weakness May Be Key to Breaking Crypto
October 16, 2015
A team of cryptographers and computer scientists from a handful of academic powerhouses is pretty confident they have the answer after having pieced together a number of clues from the Snowden documents that have been published so far.

Brolux trojan targets Japanese banking users, distributed through adult site
October 16, 2015
Japanese online banking users are the target of a newly detected banking trojan, dubbed Win32/Brolux.A, which is spread through two vulnerabilities distributed by an adult website

HBOS accounts open to fraud for two years
October 16, 2015
One of Britain’s biggest banks is being investigated over an extraordinary security lapse which left customers’ bank accounts open to hacking by fraudsters for up to two years.

Hackers Could Control Siri Say French Experts
October 15, 2015
France’s information security agency, ANSSI, says that Google Now on Android devices is also vulnerable.

Cyber Crooks Grab £20m From UK Bank Accounts
October 14, 2015
Internet users are being warned about a strain of malware which has allowed criminals to steal £20m from UK bank accounts.

Ukrainian Hacker Who Allegedly Tried to Frame Cyber-Security Expert Extradited to US
October 13, 2015
A Ukrainian man who allegedly tried to frame cyber-security expert Brian Krebs has been extradited to the United States and is due in Newark federal court today, prosecutors said.

Oman and Malaysia tie up to boost cybersecurity
October 11, 2015
The Sultanate of Oman and the Republic of Malaysia signed a Memorandum of Understanding on Thursday in the field of cybersecurity.

SBA launches cybersecurity website for small businesses
October 11, 2015
The U.S. Small Business Administration has launched a new cybersecurity website for small businesses.

New CFTC cybersecurity standards are coming soon
October 7, 2015
CFTC will add cybersecurity system safeguards, including information security programs, as part of the core principles and regulations applicable to clearinghouses

Don’t share photos of your boarding pass online, cyber security experts warn
October 9, 2015
Identity thieves may be able to cancel future flghts and change personal information

White House Punts on Decryption for Law Enforcement
October 9, 2015
After months of deliberation, the Obama administration has made a long-awaited decision on the thorny issue of how to deal with encrypted communications

Cyber security attacks costing more than £1.7million, with oil and gas firms at risk
October 8, 2015
Almost 10% of companies in the UK are unaware they have been victim to cyber security attacks with incidents now costing an average of £1.7million, according to a new report.

Scottrade Breach Affects 4.6 Million Customers
October 5, 2015
Discount brokerage firm Scottrade began firing off emails late last week, warning customers that as a result of a breach, their names and street addresses may have been stolen from its system.

Most nuclear plants not prepared for cyber attack, says Chatham House
October 5, 2015
The cyber threat to nuclear facilities is indicative of the threat to much of all critical infrastructure

UK Hedge Fund Standards Board issues cybersecurity guidance
October 4, 2015
The UK Hedge Fund Standards Board (HFSB) announced that it has added a “Cybersecurity Memo” to its Toolbox function.

Millions Of T-Mobile Customers Have Data Stolen
October 2, 2015
Hackers have stolen personal information relating to 15 million T-Mobile customers and potential customers in the US

Banking Group Marks Cybersecurity Month by Disclosing a Hack
October 2, 2015
The American Bankers Association, the financial-industry lobbying giant that wants laws forcing retailers to improve data protection

Department of Defense Finally Requires Contractors To Report Major Cybersecurity Breaches
October 2, 2015
Today the Department of Defense announced that it will soon require all of its contractors to report any major cybersecurity breaches.

Millions Of T-Mobile Customers Have Data Stolen
October 2, 2015
The personal information of around 15 million customers in the US was taken during a breach at credit agency Experian.