Weekly Threat Report 20th October 2017

KRACK – a fundamental flaw in Wi-Fi security

Security researchers from Belgium have found that the majority of Wi-Fi connections are potentially vulnerable to exploitation because of a fundamental weakness in the wireless security protocol – WPA2. The exploit is called “KRACK”, which is short for Key Reinstallation Attack. Reports suggest that at most risk are Linux operating systems, Internet of Things (IoT) devices and 41% of Android devices. However, many of these,…

Link: Weekly Threat Report 20th October 2017
Source: NCSC Reports

Weekly Threat Report 30th June 2017

Password challenges

Passwords have been in the news again recently. Most notably, on Friday 23 June accounts with weak passwords on the UK Parliamentary network were compromised; however, less than 1% of the system’s 9,000 accounts were directly affected. Attention was also drawn this week to router password vulnerabilities, as Virgin Media advised customers with Virgin Super Hub 2 home routers to reset their passwords. This followed concerns that the routers had a relatively weak eight-…

Link: Weekly Threat Report 30th June 2017
Source: NCSC Reports

Weekly Threat Report 10th March 2017

Yahoo breach highlights cookie security issues

Last year Yahoo reported several data breaches occurring between 2013 and 2016 which affected a large number of user accounts. Personal information stolen could have included email addresses, telephone numbers, dates of birth, hashed passwords and encrypted or unencrypted security questions and answers.

Following forensic investigations Yahoo has revealed that fake cookies were a probable method used by attackers to access user accounts…

Link: Weekly Threat Report 10th March 2017
Source: NCSC Reports

Weekly Threat Report 4th November 2016

The use of social media for cyber-enabled fraud is on the increase

Social media is increasingly used to commit cyber-enabled fraud according to recent reporting (by cyber security company Easy Solutions). Many of the 80 million fake social media profiles are reportedly used to facilitate cyber attacks. According to cyber security company Proofpoint, 19% of accounts with top global brands are fake.

Social media attacks also recently tricked major UK banks’ customers into revealing…

Link: Weekly Threat Report 4th November 2016
Source: NCSC Reports

Weekly Threat Report 19th January 2018

NCA and Trend Micro partnership leads to conviction

A man responsible for creating two crypting services has pleaded guilty in court following a joint investigation by the National Crime Agency (NCA) and Trend Micro.

Goncalo Esteves pleaded guilty on three charges on Monday 15 January 2018 and will be sentenced in February.

Esteves was responsible for creating two crypting services (Cryptex Reborn and Cryptex Lite). These were designed to modify a program, such as malware, so that it avoids…

Link: Weekly Threat Report 19th January 2018
Source: NCSC Reports

Weekly Threat Report 11th May 2018

UK cyber criminal pleads guilty to selling customer credentials on the Dark Web

A cyber criminal who hacked into the online networks of at least 200 companies worldwide recently pleaded guilty to multiple offences in court.

Grant West, 25, who operated under the pseudonym ‘Courvoisier’, was detained in September 2017 following a two-year investigation by Scotland Yard. He was arrested on a train whilst logging on to his dark web marketplace account.

Southwark Crown Court heard…

Link: Weekly Threat Report 11th May 2018
Source: NCSC Reports

NHS Alert

A spokesperson for the National Cyber Security Centre said:

“We are aware of a cyber incident and we are working with NHS Digital and the National Crime Agency to investigate.”

Advice on protecting yourself from ransomware is available here. 

UPDATE

A statement from the NCSC on the international cyber incident can be read here.

Link: NHS Alert
Source: NCSC Alerts

Weekly Threat Report 13th October 2017

Cyber-enabled theft from Taiwanese bank

On 5th October 2017 Taiwan’s Far Eastern International Bank (FEIB) reported that it had fallen victim to a cyber-enabled theft. It is not yet known how much the attackers attempted to steal, but open source reports this figure could be as high as 60 million USD. FEIB states that, owing to errors by the criminals in their SWIFT[1] messaging configuration and efforts to recover the stolen money, estimated losses are less than 500,000 USD…

Link: Weekly Threat Report 13th October 2017
Source: NCSC Reports

Weekly Threat Report 23rd June 2017

Fake airline websites distributed by social media

Scammers are using the brands of major global airlines to lure users to fake websites and then encourage them to share links to the sites with friends. When a user clicks through to the sites they are prompted to answer a few simple questions and provide personal information to get free flights. Once they give away their name, email, phone, date of birth and address they are then told they will receive the flights, only once they ‘like…

Link: Weekly Threat Report 23rd June 2017
Source: NCSC Reports

Weekly Threat Report 3rd March 2017

Drone-enabled hacking

An organisation’s most sensitive information is often stored on ‘air-gapped’ computers, which are physically separated from the internet. The lack of a connection protects them from most external attackers, and even if the machine is infected with malware, the data is difficult to exfiltrate.

An Israeli researcher has demonstrated a new technique for transmitting information out of air-gapped computers, using malware to force LEDs to flash in a…

Link: Weekly Threat Report 3rd March 2017
Source: NCSC Reports