A man has been arrested after he allegedly tweeted a flashing animated strobe-style picture, which triggered an epileptic seizure in the recipient.
US police found (after searching sender 29-year-old John Rayne Rivello’s computer) that he had been researching the triggers of epileptic seizures online.
Part of a Planned Hate Campaign?
Further forensic searches of Maryland-based Mr Rivello’s computer by police found more evidence that the sending of the flashing image to the victim, Texas-based Kurt Eichenwald, appeared to be part of a simmering and pre-planned hate campaign. Among the digital evidence, police discovered:
Continue reading “Criminal Charge For Sending Flashing Tweet To Epileptic”
Security company Cloudflare have revealed that a leak of sensitive data (nicknamed ‘Cloudbleed’), which was made possible by a bug in their code, could mean that many users of popular services may need to change their passwords.
A bug in the code of California-based Cloudflare’s software appears to have leaked data from perhaps as many as four million domains of the six million websites that use Cloudflare’s performance enhancement, SEO and security services.
Any request to a website with the HTML rewrite features enabled triggered the software bug, which then leaked to random requesters personal data from any other Cloudflare proxy customers that was in memory at the time.
Continue reading “The Cloudflare Scare and Bleeding Clouds?”
At Cybercon 2017 in Plymouth, an independent cyber security consultant and human behaviour specialist told attendees that teaching IT and cyber security teams about psychology and sociology is key to enabling better cyber security practices.
Users Are A Mixture of ‘Spock’ and ‘Homer’
Consultant Jessica Barker made the point that instead of IT and cyber security teams in businesses being trained by security professionals to expect users to always behave rationally and logically (like “Spock”), they should also be trained to expect that users can behave like “Homer” (Homer Simpson).
This acknowledgement (and understanding among staff) of a more rounded model of user behaviour could lead to businesses being better protected against cyber and data security threats.
Continue reading “The Psychology of Your Security”
A 5-year pilot scheme is being introduced to English schools, which will focus on teaching children cyber security skills in a bid to fill a skills gap in this area across the UK.
Cyber Crime Now an Important National Issue.
The risk of criminals (or foreign powers) hacking into critical UK computer systems ranks as one of the top four threats to national security. The importance of combating cyber crime as a national and an international issue has been brought into sharp focus over the last year by (for example):
Continue reading “Sec’s Education? Kids To Now Get Cyber Security Lessons”
An estimated 1.5 million WordPress pages were attacked and defaced in January via a vulnerability in the platform’s API.
The vulnerability in the REST API (the Application Programming Interface of the REST architecture that makes up the pages) meant that unauthorised persons could modify the content of any post or page in a WordPress website. The fact that the vulnerability was there, and that attacks were taking place through it, was flagged up to WordPress by web security firm Sucuri on 20th January.
Continue reading “1.5 Million WordPress Pages Hacked. Was Yours?”
The technical director of the UK’s National Cyber Security Centre has said in a security conference speech that computer security companies may be exaggerating the abilities of malicious hackers.
Exaggerating to Boost Security Sales
During a speech at the Usenix Enigma security conference, Dr Ian Levy of the National Cyber Security Centre appeared to say that computer security companies who specialise in cyber sec may simply be playing up the abilities of hackers as a means to boost sales of their own security hardware and services to frightened businesses.
Continue reading “Security Companies Exaggerating Hackers Skills?”
Three Chinese citizens have been charged in the U.S. courts after it was found that they hacked U.S. law firms and then used the stolen information for insider trading that netted them $4 million.
A Manhattan federal court charged the 3 men this week with conspiracy, insider trading, wire fraud and computer intrusion in a case that mixed cyber crime with securities fraud.
How They Did It
It has been reported that the trio, aged 26, 30 and 50, hacked two U.S. law firms, specifically targeting the email accounts of partners working on mergers and acquisitions. The hacking trio used the law firms’ employees’ credentials to install malware on the firms’ servers in order to access emails from lawyers.
Continue reading “3 Men Charged After Making $4 Million From Hacking U.S. Law Firms”
A recent report by Gartner warns that although businesses are spending on average just over 5% of their overall IT budgets on IT security, comparing your security spending to other firms in the same sector is no substitute for accurately assessing your own security posture and spending requirements.
Yes It Sounds Low, But…
According to Gartner’s report, the current IT security spend ranges from 1% to 13% of a firm’s IT budget, and the just over 5% average spend figure does seem low, especially considering the large number of reported hacks and security breaches.
Continue reading “Businesses Misusing Average IT Security Spending Figures”
After public accusations against Russia concerning cyber attacks against Democratic Party organisations in the recent U.S. presidential election, President Barack Obama has ordered a full intelligence agency review.
Accused in October.
Back in October, Russia was formally accused by the U.S. government of launching cyber attacks against Democratic Party organisations during the 2016 election campaign. Since Donald Trump’s election as President on November 8th, and following his praising Putin and public dismissal of the idea of Putin and Russia’s influence or interference, the matter has snowballed into a global news story and has become the focus of Democrats’ anger and suspicion.
Continue reading “Obama Orders Election Review After Cyber Attacks”
A push-button door hacking demonstration at the Kiwicon hacking event in Wellington, New Zealand last Friday gave two of the featured hackers what can only be described as a ‘real’ shock in front of a crowd of 2,000 onlookers.
Alive and Well.
The 2 men involved in the incident were conducting the live demonstration and testing of a device which was intended to be able to wirelessly exploit door-opening push buttons. Both men survived the receipt of an electric shock. The audience of technology and hacking enthusiasts were reported to have laughed at the potentially dangerous and very public hacking fail.
Continue reading “Two Hackers Get Electric Shock”