JULY 21st 2017
SC Magazine

ICYMI: Home IoT; £40 bn attack bill; Bupa leak; malware duo; Dow Jones

Multiple vulnerabilities found in connected IoT home security device

Security researchers have discovered various vulnerabilities in an internet-enabled burglar alarm that could see the device being remotely switched off by an attacker. According to a blog post, Ilia Shnaidman, head of security research at Bullguard, said that the discovery of multiple flaws in iSmartAlarm is another example of a poorly engineered device that offers attackers an easy target.

The device, said Shnaidman, has flaws that can lead to full device compromise. The cube-shaped iSmartAlarm provides a fully integrated alarm system with siren, smart cameras and locks. It functions like any alarm system but with the benefits of a connected device: alerts pop up on your phone, offering you full remote control via mobile app wherever you are.

JULY 21st 2017
SC Magazine

SentinelOne analyses ransomware 'splash screens'

Analysis of the psychology behind digital ransom notes sheds light on the range of social engineering tactics used by cyber-attackers.

Key social engineering techniques - fear, authority, scarcity (or urgency) and humour - are among the drives exploited by cyber-criminals in ransomware attacks, according to a new report examining ransomware ‘splash screens’ - the initial warning screens of ransomware attacks.

SentinelOne has commissioned the report, “Exploring the Psychological Mechanisms used in Ransomware Splash Screens,” by Dr. Lee Hadlington PhD, senior lecturer of cyber-psychology at De Montfort University. It reveals how social engineering tactics are used by cyber-criminals to manipulate and elicit payments from individuals.

JULY 21st 2017
SC Magazine

Lords EU committee: no “clean break” when it comes to data protection

A new report from the House of Lords maps the data protection landscape post Brexit, and offers several warnings.

A new House of Lords report has encouraged a greater role for the UK in European data protection, despite the advent of Brexit.

The third report of session, published on July 21, for the Lords' European Union Committee concluded that from a data protection point of view, the UK will be put at a tangible disadvantage: “Our analysis suggests that the stakes are high, not least because any post-Brexit arrangement that results in greater friction around data transfers between the UK and the EU could present a non-tariff trade barrier, putting the UK at a competitive disadvantage.”

Alignment of data protection standards will be a requirement if the UK is to continue to easily transact with European bodies. The UK's comparatively thorough national security legislation, for example, may put the sceptred isle on the back foot compared with other countries.

JULY 6th 2017
The Register

Feelin' safe and snug on Linux while the Windows world burns? Stop that

I shoulda patched what now?

The ransomware problems reported by The Reg over the past few weeks are enough to make you, er, wanna cry. Yet all that's happened is that known issues with Windows machines - desktop and server - have now come to everyone's attention and the bandwidth out of Microsoft's Windows Update servers has likely increased a bit relative to the previous few weeks.

But there's more to life than Windows XP and the day-to-day computing landscape consists of a rich sediment of accumulated and inherited non-Windows operating systems. And my fiver says that only a tiny minority of you have leapt into action and rushed to update these particular systems in the wake of WannaCry.

What exactly are we talking about? According to the non-Windows market share is about 10 per cent - 2 per cent of which is Linux and 3.6 per cent macOS. In the server world the story's not dissimilar: looking this time at some data from Spiceworks, about 12 per cent of servers run non-Windows OSs, with RHEL at 1.2 per cent and various other Linuxes making up 10.5 per cent. The core server Linuxes aside from RHEL are Ubuntu, SUSE, CentOS, Debian and Oracle Linux.

JULY 5th 2017
SC Magazine

ICO sets out international vision and route to GDPR compliance

The ICO has released its international strategy, plotting its plans for Brexit and GDPR compliance.

The Information Commissioner's Office (ICO) has published its international strategy, setting out its route toward an outward looking and General Data Protection Regulation compliant Britain. The strategy sets out the ICO's international vision until 2021.

The document begins by noting, “As the UK prepares to leave the EU, the formal relationship between the ICO and EU data protection authorities will change.” Still, it adds, “Our relationship with our EU partners will remain highly important.”

The strategy sets out the regulator's commitment to strengthening its bonds with European bodies like the Article 29 Working Party, which designed the GDPR, and the European Data Protection Board, which according to the document, “will be a highly influential global players in setting the direction for data protection and privacy standards.”

JULY 5th 2017
SC Magazine

Backdoor placed in popular Ukrainian software enabled NotPetya attack

According to a blog post by Eset, legitimate Ukrainian accounting software M.E.Doc was used by the attackers to push DiskCoder.C malware in the initial phase of an attack that crippled businesses and governmental organisations across the Ukraine a week ago.

Eset said that a “very stealthy and cunning backdoor” was injected by attackers into one of M.E.Doc's legitimate modules. The software is used by around 80 percent of companies in the country and is sold by a company called Intellect Services.

“It seems very unlikely that attackers could do this without access to M.E.Doc's source code,” said Anton Cherepanov, malware researcher at Eset.

He said that when the firm examined all M.E.Doc updates that were released during 2017, it found that there were at least three updates that contained the backdoored module.

“The incident with Win32/Filecoder.AESNI.C happened three days after the 10.01.180-10.01.181 update and the DiskCoder.C outbreak happened five days after the 10.01.188-10.01.189 update. Interestingly, four updates from April 24th 2017, through to May 10th 2017, and seven software updates from May 17th 2017, through to June 21st 2017, didn't contain the backdoored module,” said Cherepanov.

JUNE 30th 2017
SC Magazine



After the WannaCry ransomware campaign, why aren't people patching?

A massive ransomware campaign attacked countless endpoints for the second time in just over a month, exploiting a vulnerability that had been patched months earlier. SC asks, why does this keep happening?

As the Petya/NotPetya/Petwrap/GoldenEye/ExPetr onslaught ripped its way through countless endpoints all over Europe on 27 June, a short, sharp realisation may have dawned on its victims.

It was only last month that WannaCry ransomware attacked over 200,000 endpoints in 150 countries. The campaign caught Renault factories, the Russian interior ministry and 48 UK National Health Service trusts in its grip, bringing public utilities and multinationals to their knees.

While commentators didn't think much of the ransomware itself, what really impressed them was the propagating mechanism, EternalBlue, which allowed the ransomware-worm to spread as far, as wide and as quickly as it did. It may have come as a shock to some that those events could be repeated, with the help of the same NSA-built exploit, just over a month later.

JUNE 30th 2017



Petya Mainly A Threat To Unprepared And Unwilling Organisations

ANALYSIS: Despite repeated warnings and the experience last month provided by the WannaCry ransomware, organizations that failed to prepare for known threats found they were most subject to the Petya malware

When the Petya malware arrived in Europe this week, it seemed at least at first like a repeat of the WannaCry cyber-attacks in May.

The victims were running Microsoft Windows computers that had not been patched to close a vulnerability in the SMBv1 protocol.

Microsoft issued the patch in mid-March, and since that time the company has released security updates for Windows versions stretching back to XP. Yet those computers remained vulnerable.

When the Petya malware emerged this week companies in Europe were the hardest hit, although some U.S. companies were affected as well. If there is any good news, it's that the rate of infection seems slower than last time and the malware doesn’t seem to be as efficient at attacking across networks as WannaCry was.

In addition, the lower rate of infection may be the result of organisations actually applying Microsoft's patches on a timely basis.

JUNE 30th 2017



Government Data Website Suffers Security Breach

Yet another security incident suffered by the UK government

The government’s website has suffered a security breach which has resulted in the leak of a database of usernames and email addresses.

The Government Digital Service (GDS) has informed the Information Commissioner’s Office (ICO) of the leak and is also telling users to change their passwords after the personal information was found on a public system during a routine review.

Speaking to the BBC, a GDS spokeswoman said the breach only affected accounts and that people with accounts for other government sites had not been impacted.

The spokeswoman also confirmed that users' names and addresses were not at risk of theft as the leak only affected email addresses, usernames and hashed passwords.

The GDS is making users change their passwords out of precaution as there is currently no evidence that the credentials have been misused, but has warned users to be cautious of opportunistic cyber criminals.

JUNE 28th 2017
BBC News



Global ransomware attack causes turmoil

Companies across the globe are reporting that they have been struck by a major ransomware cyber-attack.

British advertising agency WPP is among those to say its IT systems have been disrupted as a consequence.

The virus, the source of which is not yet known, freezes the user's computer and demands an untraceable ransom be paid in the digital Bitcoin currency.

Ukrainian firms, including the state power company and Kiev's main airport, were among the first to report issues.

The Chernobyl nuclear power plant has also had to monitor radiation levels manually after its Windows-based sensors were shut down.

Interpol involvement

In a statement, the US National Security Council said government agencies were investigating the attack and that the US was "determined to hold those responsible accountable".

The US Department of Homeland Security advised victims not to pay the ransom, saying there was no guarantee that access to files would be restored.

The Russian anti-virus firm Kaspersky Lab said its analysis showed that there had been about 2,000 attacks - most in Ukraine, Russia and Poland.
