Facebook Security Breach

A discovery on the 25th September revealed that 50 million accounts, including Mark Zuckerberg’s own account, had been compromised in an attack on Facebook. Attackers tricked the website into handing over digital keys to individual accounts. This attack affected accounts that were used to authorise logins on services like Instagram and Spotify. The exploit granted
-> Continue reading Facebook Security Breach

Businesses will pay Microsoft for Windows 7 Security Updates by 2020

Microsoft has announced that they will be ceasing to provide security updates for Windows 7 by 2020. This decision was made to encourage people to move away from the Operating System to the new Windows 10 platform. Businesses will have to pay Microsoft for Windows 7 Security Updates by 2020. For businesses that cannot feasibly transition
-> Continue reading Businesses will pay Microsoft for Windows 7 Security Updates by 2020

British Airways Data Breach

Álex Cruz, Chief Executive and Chairman of British Airways has described the recent data breach on ba.com and the mobile app as a “sophisticated, malicious criminal attack”. Although the breach was similar to the attack on Ticketmaster earlier this year, the criminals were able to access BA’s site directly rather than compromising a third-party system.
-> Continue reading British Airways Data Breach

Third Intel Computer Chips Exploit

In August, researchers found the third significant security flaw from Intel computer chips exploit this year which is known as the Foreshadow. The US government’s body for cyber security has identified the Foreshadow exploit to have vulnerabilities that could have been exploited to gain access to sensitive information. This is a similar vulnerability to the
-> Continue reading Third Intel Computer Chips Exploit

Phishing Attack against Butlins

Up to 34,000 guests may have had their information stolen as a result of a phishing attack against Butlins. No financial details were compromised during the attack, but this information does consist of names, home addresses, holiday arrival dates, email addresses and telephone numbers. The cause of the data breach was solely down to a
-> Continue reading Phishing Attack against Butlins

iOS Trustjacking

iOS Trustjacking is a new vulnerability which allows attackers to exploit the iTunes Wi-Fi sync feature. Designed to allow users to manage their iOS devices without requiring a physical connection to a computer, this feature can be manipulated by attackers to acquire persistent control over the victim’s device. So how does Trustjacking work? Firstly, the
-> Continue reading iOS Trustjacking

Reddit’s Data Breach

Reddit suffered a data breach between the 14th and 18th of June this year and have subsequently lost all Reddit data from 2007 and before, containing account credentials (username and hashed + salted password), email addresses and both public and private messages. More recent data includes email digests sent during the period of June 2018
-> Continue reading Reddit’s Data Breach

The Networks & Information Systems Directive (NISD)

The Networks and Information Systems Directive, more commonly referred to as the NIS Directive, is a law that was introduced on 9th May this year. The purpose of this directive is to improve the security of businesses providing essential services such as energy, transport, banking and healthcare. NISD also applies to businesses providing critical digital
-> Continue reading The Networks & Information Systems Directive (NISD)

5G

Most of us are well acquainted with 4G by now. The wide use of this technology has been rapidly increasing from 2012 to present with a colossal jump from 1.2 million subscribers in 2010 to approximately 1.4 billion subscribers in 2018. 5G is the fifth generation of wireless networking standard we all use to stay
-> Continue reading 5G

Google Play Store & Fake Applications

There are an enormous number of fake applications that linger within the Google Play app store, this week’s blog is designed to raise awareness of fake applications and how to best identify them. Recently, an attacker had uploaded three banking applications onto the Google Play app store to harvest banking information from unsuspecting users. The
-> Continue reading Google Play Store & Fake Applications