550,000 Australian Red Cross blood donor details leaked

http://www.welivesecurity.com/2016/10/28/550000-australian-red-cross-blood-donor-details-leaked/

Excerpt:

“The personal details of 550,000 Australian Red Cross blood donors have been leaked in an event that is being described as Australia’s largest ever security breach.”


National Cyber Security Centre HQ operational

https://www.scmagazineuk.com/ncsc-will-be-based-in-the-nova-office-and-shopping-complex-near-victoria-station-in-london/article/527610/

Excerpt:

“The UK's new National Cyber Security Centre (NCSC) officially opens for business today as a public-facing part of GCHQ that acts as a focal point for the government to deliver authoritative advice on tackling cyber-security issues.”


Russian special services to decrypt Internet traffic

Eugene Gerden

https://www.scmagazineuk.com/russian-special-services-to-decrypt-internet-traffic/article/527618/

Excerpt:

“Following on from the Yarovaya Law, Russia's special security service, FSB (successor to the KGB), is to implement plans to achieve access to all internet traffic in the country, decrypted.”


Exclusive: Yahoo secretly scanned customer emails for U.S. intelligence – sources

Joseph Menn

http://www.reuters.com/article/us-yahoo-nsa-exclusive-idUSKCN1241YT

Excerpt:

“Yahoo Inc last year secretly built a custom software program to search all of its customers' incoming emails for specific information provided by U.S. intelligence officials, according to people familiar with the matter.”


100+ online shops compromised with payment data-stealing code

Zeljka Zorz

https://www.helpnetsecurity.com/2016/10/07/payment-data-stealing-code/

Excerpt:

“Since March 2016 (and possibly even earlier), someone has been compromising a variety of online shops and injecting them with malicious JavaScript code that exfiltrates payment card and other kinds of information users entered to pay for their shopping.”


Slovak Finance Ministry drafts country's first cyber-security law

Jaroslaw Adamowski

https://www.scmagazineuk.com/slovak-finance-ministry-drafts-countrys-first-cyber-security-law/article/566679/

Excerpt:

“Slovakia is in the process of drafting its first cyber-security law which will address not only the security of finance and health but also critical utilities infrastructure.”


Hackers changing tactics, techniques and procedures

https://www.helpnetsecurity.com/2016/10/24/hackers-changing-tactics/

Excerpt:

“Organizations need to conduct better penetration testing to combat continual changes in hackers’ tactics, techniques and procedures (TTPs), according to NTT Security.”


43+ million users affected by confirmed Weebly breach

Zeljka Zorz

https://www.helpnetsecurity.com/2016/10/21/weebly-breach-confirmed/

Excerpt:

“Weebly, a popular web-hosting service featuring a drag-and-drop website builder, has been breached, and email addresses/usernames, IP addresses and encrypted passwords for some 43 million users have been stolen.”


Anonymous Hacker Officially Charged for Boston Hospital DDoS Attacks

Catalin Cimpanu

http://news.softpedia.com/news/anonymous-hacker-officially-charged-for-boston-hospital-ddos-attacks-509505.shtml

Excerpt:

“US authorities have officially charged Martin Gottesfeld, 32, of Somerville, Massachusetts, for launching DDoS attacks against Boston Children's Hospital and the Wayside Youth and Family Support Network, a mental illness treatment facility in Framingham, Massachusetts.”


Smart cities face unique and escalating cyber threats

https://www.helpnetsecurity.com/2016/10/20/smart-cities-cyber-threats/

Excerpt:

“Ninety-eight percent of respondents to a survey conducted by Dimensional Research consider smart cities at risk for cyber attacks. Smart cities use IT solutions to manage a wide range of city services, including smart grids, transportation, surveillance cameras, wastewater treatment and more.”


Hackers Steal Research and User Data from Japanese Nuclear Research Lab

Catalin Cimpanu

http://news.softpedia.com/news/hackers-steal-research-and-user-data-from-japanese-nuclear-research-lab-509380.shtml

Excerpt:

“From November 2015 to June 2016, hackers targeted researchers at the University of Toyama’s Hydrogen Isotope Research Center, the University told Japanese media.”


UK spy agencies broke privacy rules says tribunal

Chris Baraniuk

http://www.bbc.com/news/technology-37680058

Excerpt:

“UK spy agencies broke privacy rules by collecting large amounts of UK citizens' data without adequate oversight, the Investigatory Powers Tribunal (IPT) has ruled.”


13 countries join global ransomware fight

https://www.helpnetsecurity.com/2016/10/17/global-ransomware-fight/

Excerpt:

“Just three months after the successful launch of the No More Ransom project, law enforcement agencies from a further 13 countries have signed up to fight ransomware together with the private sector.”


Fight fraud: Scams, identity theft, ransomware attacks

https://www.helpnetsecurity.com/2016/10/18/fight-fraud-scams-ransomware/

Excerpt:

“In an increasingly technology-oriented world, cybercrime has become all too common for both consumers and businesses. Internet crime takes many forms and includes everything from large-scale data breaches to consumer issues like identity theft and cyberstalking to widespread scams and ransomware.”


UN Atomic agency admits a cyber-attack 'disrupted' a nuclear power plant

Max Metzger

http://www.scmagazineuk.com/un-atomic-agency-admits-a-cyber-attack-disrupted-a-nuclear-power-plant/article/548171/

Excerpt:

“A senior UN official has told press that a nuclear power plant was disrupted several years ago by a cyber-attack”


UK prosecutors get new guidelines for pursuing cyberbullies, stalkers

Zeljka Zorz

https://www.helpnetsecurity.com/2016/10/11/uk-guidelines-cyber-bullying/

Excerpt:

“Cyber bullying, virtual mobbing, doxxing, cyber stalking and harassment, revenge pornography – these are just some of the behaviors that the Internet and social media have enabled.”


Deception mechanisms for detecting sophisticated attacks

https://www.helpnetsecurity.com/2016/10/12/deception-mechanisms-detecting-attacks/

Excerpt:

“Private information stored in document files is the most popular target for attacks coming from professional hackers, according to TopSpin Security. File traps, including Office files, recent docs and deleted docs, were touched the most times during the research.”


NSA government contractor 'stole classified files'

http://www.bbc.com/news/world-us-canada-37568879

Excerpt:

“A National Security Agency contractor has been arrested, accused of taking top secret information, officials say.”


ATM malware gang member arrested in Romania

Max Metzger

http://www.scmagazineuk.com/atm-malware-gang-member-arrested-in-romania/article/527030/

Excerpt:

“The City of London Police have arrested a man in Romania charged with involvement in a campaign that installed malware on to ATMs around the UK”


53% of DDoS attacks result in additional compromise

https://www.helpnetsecurity.com/2016/10/05/ddos-attacks-compromise/

Excerpt:

“DDoS attack volume has remained consistently high and these attacks cause real damage to organizations, according to Neustar. The global response also affirms the prevalent use of DDoS attacks to distract as “smokescreens” in concert with other malicious activities that result in additional compromise, such as viruses and ransomware.”


Database containing info of 1.5 million online daters found leaking

Zeljka Zorz

https://www.helpnetsecurity.com/2016/10/05/database-leak-online-daters/

Excerpt:

“Sensitive personal information of some 1.5 million users of several dating/cheating websites and apps has been found to be accessible via the Internet. This information includes the users’ username, (plaintext) password, email address, gender, date of birth, country of residence and photos, as well as sexual preferences.”


Yahoo security breach highlights the importance of personal protection

https://www.helpnetsecurity.com/2016/10/06/yahoo-security-breach/

Excerpt:

“The recent breach at Yahoo has proved once again that, regardless of a company’s size and expertise, security is always an issue. In the wake of the incident which left Yahoo bosses scratching their heads and millions of account users scrambling to update their passwords, some have suggested that the problem is more serious than Yahoo has let on.”


Why the older generation is an attractive target for cybercriminals

https://www.helpnetsecurity.com/2016/10/05/older-generation-online-threats/

Excerpt:

“People aged 55 and over are behaving insecurely online and often become the victim of fraud, according to Kaspersky Lab and B2B International.”


Drama on the Underground Hacking Scene as Black Hats Hack Each Other

Catalin Cimpanu

http://news.softpedia.com/news/drama-on-the-underground-hacking-scene-as-black-hats-hack-each-other-508910.shtml

Excerpt:

“The black hat hacker known as Peace, or Peace_of_Mind, has breached and defaced one of its rival's websites over the weekend following several incidents that can be categorized as "hacker drama."”


Leaked: Source code for Mirai IoT DDoS botnet

Zeljka Zorz

https://www.helpnetsecurity.com/2016/10/03/leaked-source-code-mirai-iot-ddos-botnet/

Excerpt:

“IoT-powered DDoS attacks are on the rise, and the situation is poised to become even worse now that the source code for the Mirai malware has been made public.”


South Korea's Military Cyber Command Suffers Embarrassing Hack

Catalin Cimpanu

http://news.softpedia.com/news/south-korea-s-military-cyber-command-suffers-embarrassing-hack-508868.shtml

Excerpt:

“An unknown attacker has hacked South Korea's military cyber command center last month, state officials told local media outlet Yonhap News.”