Pulse.Assent

Two-factor authentication usage

Open source reports quote remarks made by a Google software engineer who revealed at a recent security conference that fewer than 10 per cent of Gmail users enabled Two-Factor Authentication (2FA). 

The benefit of 2FA is that it provides an extra layer of security.  The user has to provide standard login details of a password and username and also something that only that user has access to.  This might be a physical token, keyfob device,…

Link: Weekly Threat Report 26th January 2018
Source: NCSC Reports

Two-factor authentication usage

Open source reports quote remarks made by a Google software engineer who revealed at a recent security conference that fewer than 10 per cent of Gmail users enabled Two-Factor Authentication (2FA). 

The benefit of 2FA is that it provides an extra layer of security.  The user has to provide standard login details of a password and username and also something that only that user has access to.  This might be a physical token, keyfob device,…

Link: Weekly Threat Report 25th January 2018
Source: NCSC Reports

NCA and Trend Micro partnership leads to conviction

A man responsible for creating two crypting services has pleaded guilty in court following a joint investigation by the National Crime Agency (NCA) and Trend Micro.

Goncalo Esteves pleaded guilty on three charges on Monday 15 January 2018 and will be sentenced in February.

Esteves was responsible for creating two crypting services (Cryptex Reborn and Cryptex Lite). These were designed to modify a program, such as malware, so that it avoids…

Link: Weekly Threat Report 19th January 2018
Source: NCSC Reports

Winter Olympics phishing campaign

The information security company, McAfee, recently identified spear-phishing activity targeting the February 2018 Winter Olympics due to be held in South Korea.  

This highly tailored campaign was aimed at a number of South Korean organisations supporting the Games and made use of custom-made fileless malware and steganography. The phishing emails were written in the Korean language and purported to be from the South Korean National Counter Terrorism…

Link: Weekly Threat Report 12th January 2018
Source: NCSC Reports

‘Meltdown’ and ‘Spectre’ vulnerabilities to microprocessors

Reports of new security flaws affecting microprocessors called ‘Meltdown’ and ‘Spectre’ surfaced this week. Processors in most devices employ a range of techniques to speed up their operation, and the vulnerabilities allow some of these techniques to be abused to obtain information about areas of memory not normally visible to an attacker. As a result, normally difficult actions – such as recovering passwords…

Link: Weekly Threat Report 5th January 2018
Source: NCSC Reports

Ransomware fears cause companies to hoard Bitcoin

Companies are reportedly stockpiling cryptocurrencies to hedge against the possible need to pay off cyber criminals. Some firms are said to be investing in Bitcoin and Ethereum to ensure that they have cryptocurrency funds available if they are affected by a ransomware attack. A survey carried out earlier this year by Citrix found that 42% of companies surveyed were building cryptocurrency stockpiles for ransomware payments, with 28%…

Link: Weekly Threat Report 22nd December 2017
Source: NCSC Reports

Increase in HTTPS phishing attacks

Over the past few years website owners have been encouraged to adopt HTTPS website domains rather than HTTP. With HTTPS, data in transit is encrypted; this provides additional security for transiting data, such as login credentials, which may contain information of use to attackers.

HTTPS domains are verified by SSL Certificate Authorities, who issue and authenticate certificates. The padlock symbol in the URL field links to the certificate provider’s…

Link: Weekly Threat Report 15th December 2017
Source: NCSC Reports

Data stolen from UK-based global shipping company

On 29 November, the UK-based global shipping company Clarksons, reported that it had experienced a cyber security breach, resulting in the theft of confidential data. The company has publicly warned that the data may be leaked by whoever is responsible for the breach and has contacted potentially affected customers.

Clarksons provides a range of services to the maritime industry including shipbroking, investment banking and research services…

Link: Weekly Threat Report 8th December 2017
Source: NCSC Reports

Imgur compromise

Image-sharing website Imgur has been alerted to a security breach in which the email addresses and passwords of 1.7 million users worldwide were compromised in 2014. Investigations are ongoing but in a public blog post, the company’s CEO has  said that, although passwords were hashed using SHA-256 at the time, users should still take precautions such as using a different password for every site and application.

The website does not hold any other personal data on…

Link: Weekly Threat Report 1st December 2017
Source: NCSC Reports

Black Friday online seasonal scams

Although ostensibly a US tradition of the Thanksgiving holiday weekend, Black Friday has been adopted in the UK by many retailers who heavily discount goods to kick start the Christmas shopping season. The surge of bargain hunters seeking good deals on the high street and online inevitably attracts criminals looking to exploit this seasonal activity.

Last year, victims reported losing nearly £16 million to Christmas shopping fraudsters, increasing…

Link: Weekly Threat Report 24th November 2017
Source: NCSC Reports