Cyber Security Training from QA

Cyber Pulse: Edition 17

Read the latest edition of Cyber Pulse, our roundup of Cyber news.


1 June 2018

Alan Sugar is the latest high-profile figure to be used in a scourge of Bitcoin scams

Investors keen to join the 'crypto-craze' are being warned to steer clear of phoney firms claiming household names back their projects. Fake news blighting the Bitcoin and digital currencies market is on the rise – with a string of bogus celebrity endorsements duping people into believing they are investing in virtual coins and revolutionary technology. Amstrad founder Alan Sugar, presenter of TV show The Apprentice, is the latest high-profile figure to speak out about his name being used to sell scam crypto-currency deals. A 74-year-old fell victim to a sham Bitcoin venture because he thought he was investing on the back of Lord Sugar's advice. The tycoon revealed the man emailed him after losing £250 to say he signed up out of 'respect for your achievements and therefore your advice'.

Hackers who defaced Drake Youtube videos arrested

Following a series of targeted attacks on the Vevo-hosted Youtube videos of artists like Drake, Taylor Swift and Selena Gomez, two hackers have been arrested. In April, music video thumbnails for these artists were replaced by images of masked people pointing guns. The hackers identified themselves as Kuroi’sh and Prosox who wrote "Free Palestine" below some of their targeted videos of high-performing artists like Drake. The hackers were also responsible for deleting the record breaking music video for 'Despacito' from Youtube. Only days after making history by becoming the first video to reach 5 billion views, the video disappeared from the site. The two men are aged 18 and have been charged with fraudulent modification, deletion, and extraction of data from an automated data processing system.

FBI: Reboot your router to stop Russia-linked malware

Hoping to thwart a sophisticated malware system linked to Russia that has infected hundreds of thousands of internet routers, the FBI has made an urgent request to anybody with one of the devices: Turn it off, and then turn it back on. The malware is capable of blocking web traffic, collecting information that passes through home and office routers and disabling the devices entirely, the bureau announced Friday. A global network of hundreds of thousands of routers is already under the control of the Sofacy Group, the Justice Department said last week. That group, which is also known as APT 28 and Fancy Bear and believed to be directed by Russia's military intelligence agency, hacked the Democratic National Committee before the 2016 presidential election, according to U.S. and European intelligence agencies.

Millions of IoT Devices Vulnerable to Z-Wave Downgrade Attacks

The popular home automation protocol Z-Wave, used by millions of IoT devices, is vulnerable to a downgrade attack that could allow an adversary to take control of targeted devices, according to researchers. Z-Wave is a wireless protocol used by 2,400 vendors; its wireless chipsets are embedded in an estimated 100 million smart devices ranging from door locks, lighting, heating systems and home alarms, according to Pen Test Partners, who released a report on the vulnerability on Wednesday. According researchers, today's Z-Wave systems are configured to support a "strong" S2 Z-Wave pairing security process. However, a proof-of-concept (PoC) attack demonstrates how a hacker could downgrade the higher S2 standard to a weaker S0 pairing standard, which allows an adversary to steal an encryption key and expose a device to compromise. The PoC attack involved a hacker within RF range at the time a controller pairs with the IoT device.

London police seize bitcoin worth $667,000 from hacker

London police have seized half a million pounds ($667,000) worth of bitcoin from a prolific computer hacker in a case described as the first of its kind for the 188-year-old department. Cybercrime detectives seized the bitcoin from Grant West, 26, who was sentenced to 10 years and 8 months in prison Friday for attacking some 100 companies worldwide, largely using 'phishing' email scams to obtain the financial data. Once he obtained the data, West would then sell the material to market places on the dark web and convert his profits into bitcoin. The London Metropolitan police discovered evidence of cyberattacks on 17 major firms including Sainsbury's, Asda, the British Cardiovascular Society and the Finnish bitcoin exchange. Officers also recovered a memory card containing approximately 78 million individual usernames and passwords.

 

Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.

 

Useful links

Cyber Pulse: Edition 16

Cyber Pulse: Edition 15

Cyber Pulse: Edition 14

Cyber Pulse: Edition 13

Cyber Pulse: Edition 12

Cyber Pulse: Edition 11

Cyber Pulse: Edition 10

Cyber Pulse: Edition 9

Cyber Pulse: Edition 8

Cyber Pulse: Edition 7

Cyber Pulse: Edition 6

Cyber Pulse: Edition 5

Cyber Pulse: Edition 4

Cyber Pulse: Edition 3

Cyber Pulse: Edition 2

Cyber Pulse: Edition 1

 

Edited and compiled by

 

James Aguilan

James Aguilan

Cyber Security Specialist

James has worked on many high complexity eDiscovery Projects and Forensic Investigations involving civil litigation, arbitration and criminal investigations for large corporation and international law firms across UK, US, Europe and Asia. James has assisted on many notable projects involving: one of the largest acquisition and merger case of all time – a deal worth $85 billion, multijurisdictional money laundering matter for Government bodies, and national cyber threat crisis including the more recent ransomware, phishing campaigns, and network intrusion. James has comprehensive knowledge of the eDiscovery lifecycle and forensic investigation procedures in both practise and theory with deep focus and interest in Forensic Preservation and Collection and Incident Response. In addition, He holds a first class bachelor’s degree in Computer Forensics and is accredited as an ACE FTK certified examiner.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.