Cyber Security Roundup for May 2017

The WannaCry ransomware outbreak within the NHS dominated the national media headlines earlier this month. Impacting 45 NHS sites in England and Scotland, the massive cyber attack led to cancelled operations and diversions of emergency medical services. The WannaCry outbreak was not just limited to the NHS, as thousands of computers were shut down at companies in almost 100 countries. After an initial infection via a phishing email and file encryption, the ransomware has the added ability to rapidly self-replicate, infecting other networked Windows computers without Microsoft’s March 2017 critical update (MS17-010) installed, this drove the swift spread of the malware within large organisations and across the world.

Debenhams had 26,000 customer personal details stolen through its flowers service website, which was operated on Debenhams behalf by a third party company. The data breach has been reported to the ICO.

With a year to ago until General Data Protection Regulation (GDPR) goes into law, there were several news reports stating UK businesses need to do more to prepare and highlighting the new data breach fines which could run into Billions for FTSE 100 companies.

If you live in Manchester, your computer is 4 times more likely to be infected with malware than elsewhere in the world according to statstics by Enigma Software Group.

Over in the United States, Brooks Brothers disclosed a major payment card breach, after an individual installed malicious software which captured credit card information within payment systems at locations across the USA and Puerto Rico for 11 months, a remind of the importance of PCI DSS compliance where businesses 

store, process and/or transmits credit/debit card data (cardholder data). 


Hackers stole a copy of Disney’s forthcoming Pirates of the Caribbean film, and tried to hold Disney ransom, Disney didn’t pay.

Interesting blog post by MacKeeper Security, on how cyber criminals are linking various stolen credential datasets to leverage access to systems.

And finally, it was another busy month of security update releases by Microsoft and Adobe, the WannaCry impact on the NHS is a stark warning to ensure all newly issued critical security updates are quickly applied

NEWS


AWARENESS, EDUCATION AND THREAT INTELLIGENCE

  1. Manchester 391% higher than the UK average
  2. London 129% higher than the UK average
  3. Derby 53% higher
  4.  Sheffield 45% higher
  5. Leicester 10% higher
  6. Nottingham 3% higher
  7. Liverpool 15% lower
  8. Southampton 32% lower
  9. York 43% lower
  10. Brighton 50% lower
  • Enhancements on Qakbot Malware to infect New Systems
  • Over 560 million Breached Account Credentials found in ‘Combo List’
  • Android Mobile Malware Campaigns hits 36.5M Downloads
  • EPS Processing Zero-Days Exploited by APT28 & Turla
  • APT32 targets Private Sector Organisations with an interest in Vietnam

  • REPORTS

    from Cyber Security Roundup for May 2017

    Advertisements

    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s