Cyber Security Training from QA

Cyber Pulse: Edition 29

Read the latest edition of Cyber Pulse, our roundup of Cyber news.


24 August 2018

Superdrug customer details hit by hackers

According to the store, hackers contacted them on Monday evening saying they had obtained details on approximately 20,000 customers. So far, Superdrug has seen 386 of the accounts compromised. A spokeswoman for the company said: “The hacker shared a number of details with us to try and ‘prove’ he had customer information – we were then able to verify they were Superdrug customers from their email and log-in.” Superdrug said customers’ names, addresses and in some cases dates of birth, phone number and points balances may have been accessed but no payment or card information had been taken. Customers who may have had their data harvested received an email and were asked to change their passwords, and to change them regularly in the future. The email read: “We have contacted the Police and Action Fraud and will be offering them all the information they need for their investigation as we continue to take the responsibility of safeguarding our customers’ data incredibly seriously.” Superdrug tweeted on Tuesday: “To customers who have received an email from us today, this email is genuine. We recommend you follow the steps outlined.” Last year, retailer Dixons Carphone, which owns a number of electrical and tech brands including Currys and PC World, was subject to one of the biggest data breaches in history. Around 10 million records containing personal data were accessed. In 2015, mobile network TalkTalk was targeted by hackers who exploited a flaw in the company’s website, resulting in 157,000 records being accessed.

Aussie Teen Pleads Guilty to 90GB Apple Hack

An Australian teenager has pleaded guilty after hacking Apple’s IT systems several times over the course of a year and downloading 90GB of content. The 16-year-old Melbourne schoolboy, who can’t be named for legal reasons, is said to have accessed customer accounts but no personal data. In fact, it’s unclear what content was taken in the raids, but the stolen data was reportedly stored in a folder named “hacky hack hack.” However, he appears not to have taken any steps to hide his identity. Apple notified the FBI of the unauthorized intrusion, and the Feds in turn contacted the Australian Federal Police (AFP), which obtained a warrant to raid the family home. On doing so they reportedly found two Apple laptops with serial numbers matching the devices used to obtain authorization keys to access the tech giant’s network. The boy’s IP address also tallied with the attacker’s, as did a seized mobile phone and hard drive, as well as the hacking software found on one of the laptops. Lawyers for the teen argued that he carried out the unauthorized intrusions because he was a fan of the company and dreamed of working there one day, according to The Age. “At Apple, we vigilantly protect our networks and have dedicated teams of information security professionals that work to detect and respond to threats,” Apple said in a statement. “We regard the data security of our users as one of our greatest responsibilities and want to assure our customers that at no point during this incident was their personal data compromised.”

Malicious faxes leave firms 'open' to cyber-attack

Booby-trapped image data sent by fax can let malicious hackers sneak into corporate networks, security researchers have found. Since many companies use fax machines that are also printers and photocopiers, they often have a connection to the internal network. The malicious images exploit protocols established in the 1980s that define the format of fax messages. The two researchers said millions of companies could be at risk because they currently did little to secure fax lines. "Fax has no security measures built in - absolutely nothing," security researcher Yaniv Balmas, from Check Point software, told the BBC. Mr Balmas uncovered the security holes in the fax protocols with the help of colleague Eyal Itkin and said they were "surprised" by the extent to which fax was still used. "There seems to be a lot of organisations, government agencies, banks and others that are still using fax," said Mr Balmas. He added that there were historical and legal reasons why the ageing technology was still so prevalent.

'Foreshadow' attack affects Intel chips

Researchers have found another serious security flaw in computer chips designed by Intel. Nicknamed Foreshadow, this is the third significant flaw to affect the company’s chips this year. The US government’s body for computer security said “an attacker could exploit this vulnerability to obtain sensitive information”. Intel has released a patch which mitigates the problem, which affects processors released from 2015 onwards. A full list of affected hardware has been posted on Intel's website. “We are not aware of reports that any of these methods have been used in real-world exploits,” the firm said. “But this further underscores the need for everyone to adhere to security best practices.” It said future processors would be built in such a way as to not be affected by Foreshadow. News of the vulnerability followed two similar attacks - Spectre and Meltdown - that were discovered earlier this year. Collectively the flaws affected billions of computers around the world.

Android 'Triout' spyware can record 'most interactions' on infected devices

Security researchers have identified a new strain of Android spyware in the wild that's capable of recording most interactions on an infected phone and sending them to a command and control centre. The researchers at security vendor Bitdefender say the malware, dubbed Triout, was first reported to the VirusTotal site on May 15 apparently by somebody located in Russia, and that subsequent reports and scans appear to come mostly from Israel. The command and control (C&C) servers to which the malware sends information also seem to have been operational since May. The malware comes bundled with an adulterated version of an Android app called SexGameForAdults. The original version of this app was available in Google Play until 2016 after which it was removed. "It's unclear how the tainted sample is disseminated," notes Bitdefender in a blog post. "Third-party marketplaces or some other attacker-controlled domains are likely used to host the sample." The spyware features extensive surveillance capabilities. For example, it automatically sends the following information from the victim's device to the C&C: Phone calls together with the caller's ID; Incoming SMS messages; Call logs; Photographs taken with front and rear cameras; GPS coordinates. The malware also has the ability to hide itself. However, at present the tainted code, which comes in a package called 208822308.apk, is readable, Bitdefender notes, suggesting that it may be an experimental version.

Teens solve tank cyber hack attack

TEEN computer-whizzes turned their hands to criminal investigation to hunt down tank track hackers. Many in the 30-strong group were too young to drive, buy booze or knives. But some of the country’s top cyber crime investigators confessed they were impressed by the youngsters’ analytical skills and teamwork as they tackled a mock-National Crime Agency investigation. Organised by non-profit Cyber Security Challenge UK, the semi-final event saw talented computer scientists take over a tank hall at the Shrivenham Defence College. Those who impressed the judges will be put forward for the grand final in Canary Wharf later in the year, competing for prizes ranging from fully-funded masters degrees to tickets to a cyber security conference in California. Teams were set a challenge by the National Crime Agency: find out who was blackmailing a Ministry of Defence contractor for £17m. The firm had won a new contract to manufacture parts for Challenger II tank tracks. But when the company was hit by IT hackers, the company was told to pay up £17m or expect their data to be published. Assessors tracked the teams’ performances as they gathered clues and raided the hackers’ bedrooms to collect forensic evidence. While the competition events were aimed at those already interested in computing and cyber security, Mr Lobley said he hoped to inspire more people to think about keeping themselves safe online. Around one in five cyber security breaches were caused by human error, like people opening dodgy email attachments, he added: “If we reduce that 80 per cent of human-cause incidents to 30 per cent, then the demand on and need for cyber security will reduce.”

 

Visit cyber.qa.com for more information on how they can help solve the Cyber Security skills gap.

 


Edited and compiled by

 

James Aguilan

Cyber Security Specialist

James Aguilan currently works as a Cybersecurity Researcher. He has provided upskilling and development to government agencies, national critical infrastructure and large corporations through the simulation of cyber-attacks and forensic investigation workshops. In the past, James worked as a Data Consultant, where he advised high-profile clients on how to handle their data in civil litigation or criminal investigations. Notably, this includes the largest merger between two US powerhouse conglomerates, a deal worth $87 billion. He has also served as a Cybersecurity Consultant, where he responded to incidents and performed full forensic investigations. James holds a first-class honours degree in Computer Forensics and is actively working towards a Masters in Network Security and Penetration Testing.