Tag: information security

Yahoo breach highlights cookie security issues

Last year Yahoo reported several data breaches occurring between 2013 and 2016 which affected a large number of user accounts.  Personal information stolen could have included email addresses, telephone numbers, dates of birth, hashed passwords and encrypted or unencrypted security questions and answers.

Following forensic investigations Yahoo has revealed that fake cookies were a probable method used by attackers to access user accounts…

Link: Weekly Threat Report 10th March 2017
Source: NCSC Reports

The use of social media for cyber-enabled fraud is on the increase

Social media is increasingly used to commit cyber-enabled fraud according to recent reporting (by cyber security company Easy Solutions). Many of the 80 million fake social media profiles are reportedly used to facilitate cyber attacks. According to cyber security company, Proofpoint, 19% of accounts with top global brands are fake.

Social media attacks also recently tricked major UK banks’ customers into revealing…

Link: Weekly Threat Report 4th November 2016
Source: NCSC Reports

NCA and Trend Micro partnership leads to conviction

A man responsible for creating two crypting services has pleaded guilty in court following a joint investigation by the National Crime Agency (NCA) and Trend Micro.

Goncalo Esteves pleaded guilty on three charges on Monday 15 January 2018 and will be sentenced in February.

Esteves was responsible for creating two crypting services (Cryptex Reborn and Cryptex Lite). These were designed to modify a program, such as malware, so that it avoids…

Link: Weekly Threat Report 19th January 2018
Source: NCSC Reports

UK cyber criminal pleads guilty to selling customer credentials on the Dark Web

A cyber criminal who hacked into the online networks of at least 200 companies worldwide recently pleaded guilty to multiple offences in court.

Grant West, 25, who operated under the pseudonym ‘Courvoisier’, was detained in September 2017 following a two-year investigation by Scotland Yard. He was arrested on a train whilst logging on to his dark web marketplace account.

Southwark Crown Court heard…

Link: Weekly Threat Report 11th May 2018
Source: NCSC Reports

A spokesperson for the National Cyber Security Centre said:

“We are aware of a cyber incident and we are working with NHS Digital and the National Crime Agency to investigate.”

Advice on protecting yourself from ransomware is available here. 

UPDATE

A statement from the NCSC on the international cyber incident can be read here.

Link: NHS Alert
Source: NCSC Alerts

Cyber-enabled theft from Taiwanese bank

On 5th October 2017 Taiwan’s Far Eastern International Bank (FEIB) reported that it had fallen victim to a cyber-enabled theft. It is not yet known how much the attackers attempted to steal, but open source reports this figure could be as high as 60 million USD. FEIB states that, owing to errors by the criminals in their SWIFT[1] messaging configuration and efforts to recover the stolen money, estimated losses are less than 500,000 USD…

Link: Weekly Threat Report 13th October 2017
Source: NCSC Reports

Fake airline websites distributed by social media

Scammers are using the brands of major global airlines to lure users to fake websites and then encourage them to share links to the sites with friends. When a user clicks through to the sites they are prompted to answer a few simple questions and provide personal information to get free flights. Once they give away their name, email, phone, date of birth and address they are then told they will receive the flights, only once they ‘like…

Link: Weekly Threat Report 23rd June 2017
Source: NCSC Reports

Drone-enabled hacking

An organisation’s most sensitive information is often stored on ‘air-gapped’ computers, which are physically separated from the internet.  The lack of a connection protects them from most external attackers, and even if the machine is infected with malware, the data is difficult to exfiltrate.

An Israeli researcher has demonstrated a new technique for transmitting information out of air-gapped computers, using malware to force LEDs to flash in a…

Link: Weekly Threat Report 3rd March 2017
Source: NCSC Reports

Malware-infected ATMs compromise Indian debit cards

Indian media have reported that 3.2 million debit cards may have been compromised by ATM malware in what has been described as the “biggest ever cyber security breach” in the Indian banking sector. The Economic Times reported that debit cards belonging to large banks such as the State Bank of India (SBI), HDFC Bank, Yes Bank and ICICI Bank may have been compromised.

Although some reports indicate that the breach may have…

Link: Weekly Threat Report 28th October 2016
Source: NCSC Reports

Two-factor authentication usage

Open source reports quote remarks made by a Google software engineer who revealed at a recent security conference that fewer than 10 per cent of Gmail users enabled Two-Factor Authentication (2FA). 

The benefit of 2FA is that it provides an extra layer of security.  The user has to provide standard login details of a password and username and also something that only that user has access to.  This might be a physical token, keyfob device,…

Link: Weekly Threat Report 25th January 2018
Source: NCSC Reports