Hacking Ships: Maritime Shipping Industry at Risk

Pierluigi Paganini

http://securityaffairs.co/wordpress/35504/hacking/hacking-maritime-shipping-industry.html

Excerpt:

“Modern maritime ships are often monitored and controlled remotely from shore-based facilities thousands of miles away to ensure efficiency. This creates a new platform for hackers and pirates to conduct targeted cyber attacks on ships”

 


British Airways freezes some frequent-flyer accounts in wake of hack

 

http://www.net-security.org/secworld.php?id=18144

Excerpt:

“Tens of thousands of British Airways customers have had their frequent-flyer accounts temporarily frozen in the wake of a security breach.”

 


Data breaches drive identity theft and fraud

 

http://www.net-security.org/secworld.php?id=18146

Excerpt:

“Data breaches are affecting consumers nationwide and residents in and around Washington, D.C. are not immune to the consequences. According to a survey by Experian, 57 percent have been a victim of identity theft or know someone who has, with about two out of three victims experiencing fraudulent charges on their credit or debit cards. 28 percent discovered a new account was opened in their name.”

 


Human error lead to leak of world leaders' personal information

 

Zeljka Zorz

http://www.net-security.org/secworld.php?id=18149

Excerpt:

“Personal information, passport numbers and visa details of world leaders who attended the G20 summit in Brisbane, Australia, in November 2014, have been inadvertently leaked by an employee of the Australian Department of Immigration and Border Protection.”


Behavioral biometrics: The password you can’t forget

Neil Costigan

http://www.net-security.org/article.php?id=2247

Excerpt:

“This year’s Mobile World Congress featured more biometrics technology than ever before, with the launch of Google’s Android Pay and Samsung Pay both unveiling technology that enables payments through fingerprint verification. There can be no doubt that biometrics is creeping into the consumer conscience, but are biometrics ready for the enterprise?”

 


WordPress.com Banned in Pakistan Over National Security Issues

Waqas

https://www.hackread.com/wordpress-com-banned-in-pakistan-over-national-security-issues/

Excerpt:

“In a shocking decision the government of Pakistan has banned WordPress.com, the world renowned open-source blogging tool and a content management system.”

 


Hacker threatens cyberattacks against Detroit over court decision

Alan Martin

http://www.welivesecurity.com/2015/03/20/hacker-threatens-cyberattacks-detroit-court-decision/

Excerpt:

“A hacker going by the name of ‘Bitcoin Baron’ has issued a threat to the city of Detroit after a Wayne County Circuit Court Judge dismissed a police manslaughter charge. Michigan Live reports that the hacker made his or her threat in a video published over the weekend. It features a computerized voice that says the author will be “targeting your sites with constant attacks.”

 


Researchers identify malware threat to virtual currencies

http://www.net-security.org/malware_news.php?id=2999

Excerpt:

“INTERPOL and Kaspersky Lab have identified a threat to the blockchain in virtual transactions that could result in them being embedded with malware or other illegal data.”


Car hacking made cheaper and easier

Zeljka Zorz

http://www.net-security.org/secworld.php?id=18141

Excerpt:

“Fiddling with your car's innards will soon become easier and cheaper than ever before, as Eric Evenchick has created and made available hardware and software design files for CANtact, an open source CAN bus tool that can be manufactured for less than $100.”


Study reveals We are being tracked by Our Smartphones – Every 3 Minutes

Waqas

https://www.hackread.com/study-reveals-we-are-being-tracked-by-our-smartphones-every-3-minutes/

Excerpt:

“It is a widely known fact that smartphone apps collect huge amount of data regularly. The data usually includes users’ location information. But startling new facts on this data collection spree have been revealed by Researchers at Carnegie Mellon University in their study.”


Vawtrak malware uses steganography to hide update files in favicons

Pierluigi Paganini

http://securityaffairs.co/wordpress/35308/malware/vawtrak-steganography-favicon.html

Excerpt:

“A new strain of Vawtrak malware implements capabilities to send and receive data through encrypted favicons distributed over the Tor network. A new powerful variant of the Vawtrak malware, also known as Neverquest or or Snifula, appeared in the wild.”


33 percent of World's top 1 Million sites are vulnerable to Hackers

Arif Majeed

http://www.ehacking.net/2015/03/33-percent-of-worlds-top-1-million.html

Excerpt:

“A security firm name Menlo Security has published a report which says one in three domains of the world's top websites are either vulnerable to hackers or they had been hacked. The report was released this week and it further says that even your most trusted websites are vulnerable to hackers. Most of those top websites had no idea about this vulnerability prior to this report. Which brings us to the possibility that many of these sites are already been hacked.“


UK government launches Cyber First recruitment drive for future white hats

Alastair Stevenson

http://www.v3.co.uk/v3-uk/news/2401348/uk-government-launches-cyber-first-recruitment-drive-for-future-white-hats

Excerpt:

“The UK government has announced a Cyber First programme designed to find and train the next generation of security professionals, continuing its efforts to bolster the nation's digital defences.”

 


15,435 vulnerabilities across 3,870 applications were recorded in 2014

http://www.net-security.org/secworld.php?id=18132

Excerpt:

“In 2014, 15,435 vulnerabilities were discovered according to data from Secunia Research. The vulnerabilities are spread across 3,870 applications published by 500 different vendors, and these numbers alone demonstrate the challenge faced by IT teams trying to protect their environment against security breaches.”

 


Half of all Android devices vulnerable to installer hijacking attacks

Zeljka Zorz

http://www.net-security.org/secworld.php?id=18133

Excerpt:

“A critical Android vulnerability that has been discovered over a year ago and responsibly disclosed to Google and other Android manufacturers can be exploited by attackers to trick users into downloading malicious apps from third-party stores.”

 


9 Building Blocks of Insider Threat Mitigation Programs

Adnan Amjad

http://deloitte.wsj.com/cio/2015/03/23/9-building-blocks-of-insider-threat-mitigation-programs/

Excerpt:

“You can’t blame organizations that focus their cyber risk mitigation programs primarily, if not exclusively, on external threats. After all, external actors, including hostile nation-states and criminal organizations, are alleged to have been behind some of the most damaging and high-profile cyber attacks of the past two years.”

 


Most parents don’t know how to tackle cyber bullying

http://www.net-security.org/secworld.php?id=18118

Excerpt:

“54 percent of UK parents would have no idea if their child was being cyber bullied, highlighting that most parents are completely ill-equipped and under-educated in knowing how to recognize and deal with this growing threat to children.”

 


Fake "Incoming Fax Report" emails lead to crypto-ransomware

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2994

Excerpt:

“Once again, fake "Incoming Fax Report" emails carrying malware are being sent out to random users. Given the popularity of online fax-sending services, there are likely to be many victims.”

 


IT pros are taking action against the insider threat

http://www.net-security.org/secworld.php?id=18110

Excerpt:

“2015 is set to see a huge rise in the number of IT professionals taking action to address insider threat in their organizations. Currently 56% of IT professionals in the US have an insider threat program already in place, and 78% of those remaining, or 34% of the total, are planning to put one in place this year. A further 6% are planning an insider threat program within five years.”

 


State-sponsored hackers target European, Israeli organizations

Zeljka Zorz

http://www.net-security.org/secworld.php?id=18112

Excerpt:

“Rocket Kitten, the APT group of attackers that have been delivering spear-phishing emails with the Ghole malware to Israeli and European institutions late last year, have lately been spotted mounting a new operation.”

 


Bank of America phishing attack hits customers

Zeljka Zorz

http://www.net-security.org/secworld.php?id=18113

Excerpt:

“Phishers are once again targeting Bank of America customers, warns Malwarebytes' Chris Boyd.”

 


Fake job seeker's emails deliver ransomware and info-stealer

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2992

Excerpt:

“The latest Cryptowall-delivery campaign comes with an additional menace: the Fareit Trojan, which is designed to steal logins and passwords from compromised computers, download additional malware, and can be used in DDoS attacks.”

 


Why senior managers need to be involved in data security

Ian Kilpatrick

http://www.net-security.org/article.php?id=2237

Excerpt:

“The networking environment has changed radically in recent times. In today's world of increasing wireless use, widespread BYOD, more home working, more remote access, more consumer devices and the huge popularity of social media, the network is becoming ever more distributed. In this situation, security breaches are inevitable, as is evidenced by the regular reporting of breaches at major organizations.”

 


Personal, healthcare info of over 11M Premera customers compromised

Zeljka Zorz

http://www.net-security.org/secworld.php?id=18101

Excerpt:

“US healthcare provider Premera Blue Cross has suffered a data breach that resulted in a potential compromise of personal, financial and health-related information of as many as 11 million applicants and members.”

 


Cardless ATMs will improve security of cash withdrawal

Pierluigi Paganini

http://securityaffairs.co/wordpress/34962/security/cardless-atms-mobile.html

Excerpt:

“A unit of Canada’s Bank of Montreal will launch on Monday its network of cardless ATMs, a technological innovation to improve users’ security.”


KHNP hacker demands money to withhold documents

http://www.world-nuclear-news.org/C-KHNP-hacker-demands-money-to-withhold-documents-1203155.html

Excerpt:

“A hacker who launched a cyber attack on Korea Hydro and Nuclear Power (KHNP) last December has released more files and demanded money in return for not exchanging sensitive information with third countries.”

 


Cyber crooks take advantage of ad bidding networks to deliver ransomware

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2987

Excerpt:

“Malware peddlers are taking advantage of real time advertising bidding networks to deliver ransomware to unsuspecting users, FireEye researchers are warning.”

 


Protecting healthcare records from cyber attacks is a game of cat and mouse

Mike Potts

http://www.net-security.org/article.php?id=2232

Excerpt:

“The never-ending battle between healthcare organisations and cyber attackers has always been like a game of cat and mouse. The hacker plays the role of the mouse, constantly trying to sneak past the company’s cat that is guarding information.”

 


When it comes to patient data privacy, compliance and security differ

Rob Lundahl

http://www.net-security.org/article.php?id=2233

Excerpt:

“If a name perfectly underscored a growing issue of concern, it’s Anthem. In February, the health insurance plan provider disclosed cyber attackers had breached its IT system for several weeks and obtained consumers’ personal data. The message this revelation spread is that healthcare-related organizations are increasingly prime targets for hackers and cyber thieves.”

 


Government to Drop Charges in Federal Employee Hacking Case

Lisa Cornwell

http://abcnews.go.com/US/wireStory/government-drop-charges-federal-employee-hacking-case-29542745

Excerpt:

“A National Weather Service employee accused of illegally accessing a restricted federal computer database containing information about the nation's dams, stealing information and lying to federal investigators will have charges against her dismissed if a judge approves the prosecution's request.”

 


Active campaigns deliver old and new ransomware families

Zeljka Zorz

http://www.net-security.org/malware_news.php?id=2984

Excerpt:

“Cyber crooks' love for ransomware continues unabated, and user are warned about several active campaigns trying to deliver the malware on target computers.”

 


Two Arrested in the Largest Data Breach in the US

Ionut Ilascu

http://news.softpedia.com/news/Two-Arrested-in-the-Largest-Data-Breach-in-the-US-475156.shtml

Excerpt:

“US prosecutors indicted three men charged with running spam campaigns using over one billion email addresses stolen from eight email service providers (ESP) in the country; two of them are under arrest, while the third one is on the run.”

 


A bad week for UK cybercriminals

Graham Cluley

http://www.hotforsecurity.com/blog/a-bad-week-for-uk-cybercriminals-11533.html

Excerpt:

“56 suspected hackers have been arrested by the UK’s National Crime Agency (NCA) as part of what British police are calling “strike week” against cybercriminals. In 26 separate operations across the country, people were arrested in connection with a variety of offences related to distributed denial-of-service (DDoS) attacks, internet fraud, phishing attacks, the theft of intellectual property, and malware.”

 


Financial firms are putting more stock in the cloud

http://www.net-security.org/secworld.php?id=18048

Excerpt:

“Many financial firms are slowly putting more stock in the cloud. That’s a key finding from a new Cloud Security Alliance (CSA) survey, which targeted executives from banking, insurance and investment firms around the world.”

 


Hospital Sues Bank of America Over Million-Dollar Cyberheist

BrianKrebs

https://krebsonsecurity.com/2015/03/hospital-sues-bank-of-america-over-million-dollar-cyberheist/

Excerpt:

“A public hospital in Washington state is suing Bank of America to recoup some of the losses from a $1.03 million cyberheist that the healthcare organization suffered in 2013.”

 


Rogers Communications Hacked Using Simple Social Engineering

Ionut Ilascu

http://news.softpedia.com/news/Rogers-Communications-Hacked-Using-Simple-Social-Engineering-474675.shtml

Excerpt:

“A group of hackers calling themselves Team Hans managed to gain access to corporate information belonging to Canadian telecommunication and media company Rogers Communications relying mostly on their charm.”

 


Indian Government bans third party email services, including Gmail and Yahoo

Pierluigi Paganini

http://securityaffairs.co/wordpress/34290/intelligence/indian-government-bans-email-services.html

Excerpt:

“The Indian Government bans third party email services, including Gmail and Yahoo, from its offices in order to protect government communications.”