IT Security News
IT Security News
Could your company be facing Legal action if you continue to transfer data on EU individual to the US after 31st January 2016.
On 6 October 2015, the European Court of Justice (ECJ) ruled that the commission’s adequacy decision on the EU-US Safe Harbour arrangement is invalid.
The Pan-Europe Data Protection has warned that if no agreement is reached by the end of January 2016, they are committed to take all necessary and appropriate actions. This would appear to mean that business engaged in the transfer of data to the US will have to hope that new laws are agreed otherwise their action could be deemed unlawful.
Shellshock bash Code Injection Vulnerability, what do you need to do? what is the Risk?
Report from SAMS ISC
Bash Code Injection (Shellshock) Vulnerability (CVE 2014-6271)
Cento OS Bash vulnerability that had been announced in 2014/09/24 How to FIX
How to fix bash code injection flaw on CentOS/RedHat 6x Server
HackerKast Shellshock- September 25, 2014 – WhiteHat Security
Would you trust or do business with someone who steals, property theft is a big issue, especially on the internet. We decided to do an investigating to determine how many business website owners on the internet have no regard for copyright and steal logos for other website. For this investigation we decided to see identify who has stolen out logo. From our investigation on the 04 July 2014 we identified 41 cases of logo theft.
10 July 2014 As we keep going deeper into this case on Intellectual Property Theft we have now identified 65 sources on the internet that contain this stolen logo. Less than 5 website owner have apologized for the unauthorized use of this logo. But many website owners and business are failing to report, until they realize that we are serious about getting local law enforcement involved.
Due to a security flaw in the Samsung Galaxy S3 your phones data can be wipe just by surfing web pages (on a compromised website). Hackers have become aware of this security flaw and they are placing hidden code in webpages that will trigger the remote wipe feature of this phone without the permission or any input from the phones user. This code is presently circulating online through websites but it’s also possible that attackers may adopt the code to a test message distribution method, QR code or NFC tag.
Other reports on the internet are saying that they have uncovered more codes built into Samsung devices that could be used in other attacks like killing the phones SIM card. Beside claim we have not seen any evidence of such code yet.
It is also believed that this code may also trigger a factory reset on Galaxy S2 and other Samsung devices that use Samsung's "TouchWiz" interface.
How to Protect you self for this issue:
Backup you Smart Phone content, and check regularly on the Samsung website to see if they have released an update to fix your phone.
The only way to guard against the attacks is to switch off "service loading" in settings, and disable QR code and NFC apps.
How to Test your Phone
You can test your phone by entering any one of the two codes provide here:
Please make BACKUP of your all data on your phone before use this code because it you phone is vulnerable the code will wipe all data on your phone and reset it back to factory default.
Devices from other Android manufacturers appear to be unaffected
The Wolds First International Team Ethical Hacking Championship
The Europe Championships of the Global CyberLympics has just completed.The Global CyberLympics is the world’s first international team ethical hacking championships, and is been held from September onwards across six continents.
The Asia Pacific Championships will be held at the Hacker Halted Asia Pacific 2011 conference in Kuala Lumpur, Malaysia.
The Stuxnet Worm was first discovered in July 2010 by a security firm in Belarus, but did not make global headlines until months later when Iranian state media announced the Middle East nation had been the target of a coordinated attack.
The Stuxnet worm was "the first of its kind. It was written to specifically target mission critical control systems running a specific combination of software and hardware.
There are a lot of concerns that the Stuxnet worm could be altered to attack key components of any nation's infrastructure, from electricity grids to oil rigs.
Many experts believe that the Stuxnet worm was only the beginning of a new kind of cyber attacks against critical infrastructure.
It’s quite possible the in 2011 or 2012 that we will see copycat versions of Stuxnet been used by terrorists to try and cripple the infrastructure of some of the major powers.
New scam spreading via Facebook that attempts to capture personal information including email and postal addresses. The scammers are targeting Facebook users through Facebook notification system and by e-mail, saying they have been made administrators of an unknown page. From there, users are directed to click on a link that takes them to a fake Facebook page. When the user has landed on the fake Facebook page, they are re-directed to a different, malicious page where they are asked to provide their e-mail and shipping addresses in order to take part in a test session of the new Apple iPad2. The scam is luring users in with a fake offer to review an iPad 2, saying that Apple is giving away a total of 10,000 iPad2's for review.
Hackers gained unauthorized access to one of the ashampoo servers. They believe the hackers were after customer data. According ashampoo sensitive data such as billing information is not affected, because Ashampoo does not store this data. The stolen pieces of information are data of addresses such as name and e-mail address.
An investigation commissioned by data protection company CPP Group found that many people in the UK who sell their old smartphones and SIM cards are failing to wipe the devices of sensitive personal data. More than half of the devices examined for the study were found to contain credit card PINs, bank account information, and login information for social networking sites. The information was gathered from 35 used phones and 50 used SIM cards. Users selling old phones should perform a factory reset. Unless old SIM cards are being transferred to another of the owner's devices, they should be destroyed.