New Government Cyber Security Unit Encourages Business Co-Operation

After the opening of the new National Cyber Security Centre in London in February (to act as part of GCHQ in Cheltenham), businesses are being encouraged to report serious data breaches to the NCSC in confidence.


Peter Yapp, the deputy director for the incident management directorate, has been reported as telling an audience of journalists in a recent meeting that such confidential disclosures would not be passed on to the ICO, the UK’s independent body set up to uphold information rights.

Google’s New Simpler Captcha

A new Captcha system, developed by Google, will secretly study how you interact with a web page rather than asking questions or setting puzzles in order to prove that you are a ‘human’ visitor.

Why Captchas?

‘Captcha’ is actually an acronym (dating back to 2000) for ‘Completely Automated Public Turing test to tell Computers and Humans Apart’. Captchas are used to stop automated bots accessing and using websites and other online resources. If Captchas are not used, some of these bots can post spam comments in blogs, sign up for thousands of email accounts every minute (e.g. on Yahoo), buy multiple tickets from ticket sites, gather email addresses (written in text) from web pages, distort online polls, and launch dictionary attacks on password systems. The use of Captchas can also offer full protection to pages that you don’t want indexed by search engines, and offer worm and spam protection.

The Cloudflare Scare and Bleeding Clouds?

Security company Cloudflare have revealed that a leak of sensitive data (nicknamed ‘Cloudbleed’), which was made possible by a bug in their code, could mean that many users of popular services may need to change their passwords.

What Happened?

A bug in the code of California-based Cloudflare’s software appears to have leaked data from perhaps as many as four million domains of the six million websites that use Cloudflare’s performance enhancement, SEO and security services.

Any request to a website with the HTML rewrite features enabled triggered the software bug, which then leaked personal data from any other Cloudflare proxy customers that were in memory at the time to random requesters.


The Psychology of Your Security

At Cybercon 2017 in Plymouth, an independent cyber security consultant and human behaviour specialist told attendees that teaching IT and cyber security teams about psychology and sociology is key to enabling better cyber security practices.

Users Are A Mixture of ‘Spock’ and ‘Homer’

Consultant Jessica Barker made the point that instead of IT and cyber security teams in businesses being trained by security professionals to expect users to always behave rationally and logically (like “Spock”), they should also be trained to expect that users can behave like “Homer” (Homer Simpson).

This acknowledgement (and understanding among staff) of a more rounded model of user behaviour could lead to businesses being better protected against cyber and data security threats.


Sec’s Education? Kids To Now Get Cyber Security Lessons

A 5-year pilot scheme is being introduced to English schools, which will focus on teaching children cyber security skills in a bid to fill a skills gap in this area across the UK.

Cyber Crime Now an Important National Issue.

The risk of criminals (or foreign powers) hacking into critical UK computer systems ranks as one of the top four threats to national security. The importance of combating cyber crime as a national and an international issue has been brought into sharp focus over the last year by (for example):



Facebook Provides Secure Keys

Facebook’s 1.79 billion users can now benefit from new login security measures which use a secure key alongside the password.

Security Keys.

The new security upgrade involves the introduction of a security key for Facebook users. The FIDO U2F is a physical key which can be inserted into the USB port of any device. After the user types in their Facebook login password, they can then press the small button.


Travellers To The U.S. May Have To Provide Social Media Details

According to recent reports, the Trump administration may be about to introduce an immigration policy that will require foreign travellers to the U.S. to divulge their social media profiles, contacts and browsing history.

Not A New Idea.


3 Men Charged After Making $4 Million From Hacking U.S. Law Firms

Three Chinese citizens have been charged in the U.S. courts after it was found that they hacked U.S. law firms and then used the stolen information for insider trading that netted them $4 million.

A Manhattan federal court charged the 3 men this week with conspiracy, insider trading, wire fraud and computer intrusion in a case that mixed cyber crime with securities fraud.

How They Did It

It has been reported that the trio, aged 26, 30 and 50, hacked two U.S. law firms, specifically targeting the email accounts of partners working on mergers and acquisitions. The hacking trio used the law firms’ employees’ credentials to install malware on the firms’ servers in order to access emails from lawyers.