Author: Planned Link

Agencies refuse cyber quick-fixes.

In 2015, Murphy’s whole-of-government IT security survey uncovered 454 problems, up from 389 in 2014.

It also identified a 3 percent decline in the number of agencies meeting the audit office’s bare minimum infosec benchmark, sending the proportion below half.

“My practice is not to name agencies that have information system weakness for fear that this could encourage attempts to exploit the weaknesses,” Colin Murphy wrote today, introducing the results of his 2015 survey of security provisions in the state government

http://www.itnews.com.au/news/wa-auditor-could-name-and-shame-worst-infosec-offenders-421143

Is it this easy to break into your bank account?

Is it this easy to break into your bank account?

Fraud reporter Shari Vahl investigates how criminals have been able to break into Natwest customer bank accounts using only a mobile phone number and other publicly available information. She demonstrates how simple the process is by accessing a colleague’s account and transferring money out of it and into her own. Natwest says as a result it has tightened its security systems.

http://www.bbc.co.uk/programmes/p03lcx9v

Civilians to help police investigate cybercrimes, says Theresa May

Civilians to help police investigate cybercrimes, says Theresa May

Civilian recruits will help police solve cybercrime under an expansion of the role of volunteers in England and Wales, the home secretary has said.

The plans include measures to give more power to support staff and volunteers.

Forces will be able to identify volunteers who specialise in accountancy or computing for cyber and finance inquiries, Theresa May said.

Unison, which represents police staff, said it was concerned it was a way to “plug the huge gap” left by cuts.

http://www.bbc.com/news/uk-35354139

BBC Hack May Have Been the Largest DDoS Attack in History

BBC Hack May Have Been the Largest DDoS Attack in History
Cyber attacks are getting evil and becoming the worst nightmare for companies day-by-day, and the Distributed Denial of Service (DDoS) attack is one of the favorite weapon for hackers to temporarily suspend services of a host connected to the Internet.

Until now, nearly every major website had been a victim of this attack, and the most recent one was conducted against the BBC’s websites and Republican presidential candidate Donald Trump’s main campaign website over this past holiday weekend.

Out of two, the largest DDoS attack in the history was carried out against the BBC website: Over 600 Gbps

See http://thehackernews.com/2016/01/biggest-ddos-attack.html for the full story

Microsoft Collecting More Data of Windows 10 Users than Initially Thought

Microsoft Collecting More Data of Windows 10 Users than Initially Thought

After several controversial data mining and privacy invasion features within Microsoft’s newest operating system, Microsoft continued convincing its users that Windows 10 is not spying on anyone and that the company is not collecting more data than it needs.
In addition, Microsoft also updated its privacy policy in order to clear how and when Windows 10 utilizes users’ data.

See the full story here:

http://thehackernews.com/2016/01/windows10-privacy-data.html

Computer hackers growing in numbers as security breaches increase

Computer hackers growing in numbers as security breaches increase

Partial transcript of a story from July 2015, click the link below for the full article at abc.net.au.

TICKY FULLERTON: This week, customers using the Ashley Madison relationship cheating service got a nasty shock. Their personal details had been hacked. 30 million people held their breath including 1 million Australians apparently. But hackers aren’t just interested in people cheating on their partners, they’re increasingly attacking a growing number of databases holding highly sensitive personal information. In the US, health insurance details were stolen, in another case the hackers stole fingerprints held by the US Government. Margot O’Neil takes up the story.

http://www.abc.net.au/lateline/content/2015/s4280609.htm

2015 data breaches up by 0.8%, as compared to 2014

2015 data breaches up by 0.8%, as compared to 2014

According to the latest December 15, 2015 Identity Threat Resource Center (ITRC) data breach report—750 data breaches were recorded with more than 177 million records exposed. The ITRC breach list is a compilation of data breaches confirmed by various media sources and/or notification lists from state governmental agencies. This list is updated daily, and published each Tuesday.

The latest report indicates that hackers are concentrating on medical/healthcare sectors that account for 68.4 percent of all breaches, followed by government/military: 19.2 percent, business: 9.1 percent, banking/credit/financial: 2.8 percent, and educational: 0.4 percent. 2015 data breaches are up by 0.8 percent, as compared to 2014.

http://darkmatters.norsecorp.com/2015/12/16/2015-data-breaches-up-by-0-8-as-compared-to-2014/?mkt_tok=3RkMMJWWfF9wsRojvKrKZKXonjHpfsX66uUoWKWzlMI%2F0ER3fOvrPUfGjI4FRMBmI%2BSLDwEYGJlv6SgFTLjEMa9u1rgPUhI%3D

OSSIM has limited or no connectivity: Make sure your network connection is active and try again

OSSIM has limited or no connectivity: Make sure your network connection is active and try again

In the event that you receive this message “Limited or no connectivity: Make sure your network connection is active and try again.” while trying to link OSSIM to the Open Threat Exchange (OTX) it may be that your DNS entries need adjusting. Simply SSH to the OSSIM environment and in the menu go to System Preferences, then Configure Network and Name Server (DNS) where you can change the entry to your required DNS settings.

Ensure you go back to the main menu and select Apply all Changes, this should then update the configuration file and solve the issue. You may however find that this does not help, in which case, go to  Jailbreak System and using the usual Linux navigation edit the file /etc/network/interfaces  check your details and if needed, change the DNS entry. Once complete, save and type exit, you will be returned to the main menu.

At this point you might wish to reboot the device.

Cybercriminals are gearing up for the holidays

Cybercriminals are gearing up for the holidays

The upcoming holiday season could be a lucrative time for cybercriminals, according to a new ThreatMetrix Q3 Cybercrime Report. The digital identity company detected 45 million e-commerce attacks during Q3, a 25 percent increase over the previous quarter.  Login attacks were also up 40 percent more than in the previous quarter.

http://darkmatters.norsecorp.com/2015/11/12/cybercriminals-are-gearing-up-for-the-holidays/?mkt_tok=3RkMMJWWfF9wsRojvKjPZKXonjHpfsX66uUoWKWzlMI%2F0ER3fOvrPUfGjI4FRMJqI%2BSLDwEYGJlv6SgFTLjEMa9u1rgPUhI%3D