Friday 7 June 2013

ICO fines Glasgow Council £150,000 over lost laptop exposing 6,000 bank account details

Glasgow City Council has been fined £150,000 for its slapdash attitude to data protection, having lost 74 unencrypted laptops, including one containing more than 6,000 people's bank records.
The size of the fine hints at the anger within the Information Commissioner's Office (ICO), which had previously slapped an enforcement notice on the council in 2010 following the loss of unencrypted memory sticks.
“How an organisation can fail to notice that 74 unencrypted laptops have gone missing beggars belief,” said Ken Macdonald, the ICO assistant commissioner for Scotland. “The fact that these laptops have never been recovered, and no record was made of the information stored on them, means that we will probably never know the true extent of this breach, or how many people’s details have been compromised.”
While the ICO had concerns over the sheer number of unencrypted laptops going missing at the council, it was further angered by the loss of two in May last year. In that case, one of the laptops contained personal data relating to more than 20,000 people, and bank details for more than 6,000.
According to the ICO, the laptops were given to two employees who needed to be able to work flexibly. One member of staff locked her laptop in her drawer, while putting the key in her colleague's desk drawer. Unfortunately, that colleague left work putting his own laptop alongside the key, but forgot to lock the drawer. Both laptops were stolen overnight.
The ICO reported that both employees had requested that their laptops be encrypted but the council had not done so.
“Glasgow City Council was issued with an enforcement notice back in 2010 after a similar incident where an unencrypted memory stick was lost. To find out that these poor practices have returned some two years later shows a flagrant disregard for the law and the people of Glasgow,” railed Macdonald.
The ICO has not found any evidence that the bank accounts have been targeted following the losses.
Last year, the ICO fined Brighton and Sussex University Hospital £375,000 after a contractor stole hard drives from the NHS Trust, although the Trust appealed.

JOIN US !!!

As the Bible says, my people perish for lack of knowledge. If you think education is expensive, try ignorance and see which costs more. A lot of people fall victim to cyber attacks because of a lack of awareness. Ignorance costs us a lot: money, reputation, manpower and sometimes life. A lot of hard-earned money disappears at the click of a mouse.
There are many victims out there, some of whom do not know the cause of the attacks or how to prevent and counter them. Many questions are on our minds, but we cannot find the right people to talk to, who can give the right advice on solving the issue and on preventing such attacks from happening again.

Learning to secure your assets or infrastructure should be a priority if you don't want to lose them. Some ask who would want them, or why anyone would want them. Maybe it is high time you opened your eyes and ears to what is happening around you; don't wait until you are a victim.

Need help? Have questions about your IT security? Then join us tomorrow. A lot of IT experts will be in the house with answers to your questions.
There are some questions financial institutions won't answer, like: how were they able to hack my ATM and wipe my account?
How come my online transactions were compromised?
Other questions like:
Why is antivirus good for me?
How do I prevent my system from being hacked?
How do I know I have been hacked?
How can I be sure a message is from the legitimate financial institution?
Questions on physical security and surveillance gadgets, and more...
Are you tired of hearing "do it this way" without having a clue why it needs to be done as specified?
Join us tomorrow for more...
Time: 10:00 am prompt
Venue: Perfect Touch Consulting Limited
1 A, Basheer Augustos Street, Eric Emmanuel Bus Stop off Bode Thomas Street Surulere Lagos
Registration fee: 500
For further details contact: 07037288651
For seat reservation please visit
http://cyberinfocts-june-forum.eventbrite.com


CyberCriminals leverage CNN Open Redirect vulnerability for spreading spam

Yesterday, (@BreakTheSec) came across a diet spam campaign on Twitter that leverages an open redirect vulnerability on the website of CNN, one of the top news organisations.

"The diet porgram you told us about yesterday is soo good! hxxx://cgi.cnn.com/cgi-bin/redir?URL=hxxx://tumblrhealth.me", reads one of the tweets posted from the spammers' Twitter account.

The tweet shows that the spammers used the open redirect flaw on cgi.cnn.com to bounce Twitter users to diet spam websites: the visible link points at CNN, but the URL= parameter carries the real destination.


"I love myself even more after I started your diet porgram [link]" spam tweets read.  "Yahoo made an article about how amazing your new diet program is!! You look amazing" 

The technique gives the spammers several advantages, including:
  • gaining users' trust, since the visible link points at cnn.com;
  • bypassing URL filters that judge a link by its host: the request goes to CNN, which then redirects the browser to the scam site, so a filter keyed on the cnn.com host lets it through.

Further research showed that the spammers had also exploited an open redirect on Yahoo (us.ard.yahoo.com), where the destination is not a query parameter but a full URL embedded at the end of the path:

"hxxx://us.ard.yahoo.com/SIG=15ohh3h62/M=722732.13975606.14062129.13194555/D=regst/S=150002347:R2/Y=YAHOO/EXP=1275539597/L=hnNys0Kjqbp5Cok8Sr10cAJDTPYa3UwHFG0AANhn/B=VSDoPmKJiUs-/J=1275532397077354/K=rS6pwy3MN2NPP7SBqBCOAQ/A=6097785/R=0/SIG=11o4aqdmv/*hxxx://bit.ly/HealthDiet2"
This is not the first time the CNN website has been abused by spammers: in 2010, an open redirect vulnerability on ads.cnn.com was exploited in the same way.
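As an added example (not code from the original post, CNN or Yahoo), the Python below shows how the two redirector shapes above are detected, why a host-based URL filter misses them, and what the server-side fix looks like. The trusted hostnames, the URL= parameter name and the tumblrhealth.me and bit.ly destinations come from the tweets quoted above (with the hxxx defanging reversed to http); the list of redirect parameter names and every other test URL are constructed assumptions.

```python
"""Open-redirect triage and the server-side fix.

Added example for this post; not code from CNN, Yahoo or the original author.
It covers the two redirector shapes abused in the spam above:

  * a query parameter carrying a full URL (cgi.cnn.com/cgi-bin/redir?URL=...)
  * a full URL embedded in the path of a click tracker (us.ard.yahoo.com/.../*http://...)

and shows how a URL filter should judge such links: by the host the browser
ends up on, not by the host in the visible link.
"""
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Trusted hosts the spam links pointed at (taken from the article).
TRUSTED_HOSTS = {"cgi.cnn.com", "us.ard.yahoo.com"}

# Query parameter names that commonly carry a post-action destination.
# Assumption: a generic list, not one taken from CNN's or Yahoo's code.
REDIRECT_PARAMS = {
    "url", "redir", "redirect", "redirect_uri", "next", "target", "dest",
    "destination", "goto", "return", "returnurl", "rurl", "continue", "u",
}

_ABS_URL = re.compile(r"^(?:https?:)?//", re.IGNORECASE)
_URL_IN_PATH = re.compile(r"https?://([^/?#\s]+)", re.IGNORECASE)

# The Yahoo redirector quoted in the post, with hxxx restored to http.
SAMPLE_YAHOO_REDIRECT = (
    "http://us.ard.yahoo.com/SIG=15ohh3h62/M=722732.13975606.14062129.13194555"
    "/D=regst/S=150002347:R2/Y=YAHOO/EXP=1275539597/L=hnNys0Kjqbp5Cok8Sr10cAJDTPYa3UwHFG0AANhn"
    "/B=VSDoPmKJiUs-/J=1275532397077354/K=rS6pwy3MN2NPP7SBqBCOAQ/A=6097785/R=0"
    "/SIG=11o4aqdmv/*http://bit.ly/HealthDiet2"
)


def _external_host(value):
    """Hostname if value is an absolute http(s) or scheme-relative (//host) URL, else None.

    Percent-decodes first, so a double-encoded http%253A%252F%252F... is still seen.
    """
    v = unquote(value).strip()
    if not _ABS_URL.match(v):
        return None
    if v.startswith("//"):
        v = "http:" + v  # browsers treat //host as an absolute URL
    return (urlsplit(v).hostname or "").lower() or None


def find_redirect(url):
    """Return (where, target_host) if the link forwards to a different host, else None.

    'where' is "query:<param>" or "path"; target_host is where the browser lands.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    # 1. a redirect-style query parameter whose value is a full URL elsewhere
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in REDIRECT_PARAMS:
            target = _external_host(value)
            if target and target != host:
                return ("query:" + name, target)
    # 2. a full URL embedded in the path (click-tracker style: /.../*http://host/...)
    m = _URL_IN_PATH.search(unquote(parts.path))
    if m and m.group(1).lower() != host:
        return ("path", m.group(1).lower())
    return None


def effective_host(url):
    """Host a URL filter should judge: the redirect target if present, else the link's own host."""
    found = find_redirect(url)
    return found[1] if found else (urlsplit(url).hostname or "").lower()


def is_trusted_host_abused(url):
    """True when a link to a trusted host actually sends the user somewhere else."""
    host = (urlsplit(url).hostname or "").lower()
    return host in TRUSTED_HOSTS and find_redirect(url) is not None


def safe_redirect_target(value, own_host, allowed_hosts=frozenset()):
    """Server-side fix: honour only a same-origin path or an allow-listed host.

    Anything else (other hosts, //host, /\\host, javascript:, data:) falls back
    to "/". The return value is what the handler may put in the Location header.
    """
    v = unquote(value).strip()
    if v.startswith("/") and not v.startswith(("//", "/\\")):
        return v  # same-origin path
    host = _external_host(v)
    if host and (host == own_host or host in allowed_hosts):
        return v  # explicitly allowed destination
    return "/"


if __name__ == "__main__":
    for link in ("http://cgi.cnn.com/cgi-bin/redir?URL=http://tumblrhealth.me",
                 SAMPLE_YAHOO_REDIRECT):
        print(urlsplit(link).hostname, "->", effective_host(link), find_redirect(link))
```

The detector decodes percent-encoding before matching, treats scheme-relative `//host` as absolute, and also scans the path, because the Yahoo redirector hides its destination after `/*` rather than in a query string. The fix deliberately does not try to "clean" a bad value; it substitutes a fixed local path, which is the only behaviour that cannot be steered by the attacker.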

*Update: security researcher Janne Ahlberg discovered that @50Cent, who has 7.6M followers, fell victim to this spam campaign and retweeted one of the spam tweets.

#OpTurkey - Fox Turkey & VodaSoft hacked by Anonymous


Anonymous hacktivists are continuing their cyberattacks against Turkey. Today they breached the websites of Fox Turkey and Vodasoft Call Center Solutions.

The security breach is part of the ongoing operation "#OpTurkey" which was kicked off in response to the government's violent attempt to suppress Turkish protests.
The government apparently failed to anticipate that violence against protesters would draw the attention of Internet activists.

The hackers leaked thousands of records from the Fox Turkey website (fox.com.tr), containing IP addresses, email addresses and names: http://nopaste.me/paste/208744166651b10f0ba7d44

The Vodasoft leak comprises usernames, email addresses, names and password details: http://nopaste.me/paste/126630249651b1068f3ee4c

Earlier in the operation, the hacktivists breached the websites of the Prime Minister, the Ministry of the Interior and other Turkish government sites.

Government asks Google, Facebook and Twitter to tackle 'harmful' web content

The government has written to tech giants urging them to help come up with plans to strengthen the campaign to restrict access to “offensive online content”.
The secretary of state for culture, media and sport, Maria Miller, has invited firms such as Google, Yahoo, Microsoft, Facebook and Twitter as well as ISPs and mobile operators to a summit aimed at tackling the problem of “harmful material”.
“It is clear that dangerous, highly offensive, unlawful and illegal material is available through basic search functions and I believe that many popular search engines, websites and ISPs could do more to prevent the dissemination of such material,” Miller wrote in the letter.
Fears over online access to images of child abuse have been heightened after the recent April Jones court case, during which it emerged her killer had used Google to search for sexual images of children.
In response to the public outcry, the Internet Watch Foundation, which is responsible for co-ordinating action against criminal online content, said people's failure to report issues allowed the problem to flourish.
“Our research revealed 1.5 million adults have stumbled across child sexual abuse content on the internet, but last year we received just under 40,000 reports,” said IWF spokeswoman Emma Lowther last month.
“The UK internet industry is extremely quick and nimble at tackling what is possibly the most horrendous images and videos available on the internet but there is always more to be done.”
Miller has asked the firms invited to the web-blocking summit to outline the steps they currently take and suggest ways the system may be improved.
But any suggestions are likely to prove highly contentious. Many within the technology industry are wary of heavy handed approaches to vetting the internet.
Civil rights campaigners will also be meeting to address the thorny issue of online child protection at the Open Rights Group's annual conference taking place in London this coming weekend.

Government defends Huawei investment to UK as Chinese firm dismisses security concerns

The government has defended deals signed by Chinese telecoms vendor Huawei with UK companies, claiming investment in the nation is vital and that national security was never at risk.

A damning report from the Intelligence and Security Committee (ISC) said the nation had been too blasé over the way Huawei had become involved in critical national infrastructure (CNI) deployments in the UK, such as a deal with BT in 2003.

In response, chancellor George Osborne said that allowing Chinese vendors to enter the UK market is vital for national prosperity.

“Inward investment is critical to generating UK jobs and growth. It is a personal priority of mine to increase trade links between the UK and China and I cannot emphasise enough that the UK is open to Chinese investment,” he said.

The Cabinet Office also issued a statement in response to the ISC report. It said that, while it acknowledged its handling of CNI contracts had been somewhat lax in the past, it has now established much more rigorous criteria for vetting firms.

“We accept that the processes of 2005 needed improving and updating; this is what we have done,” it said. “We now have governance structures and working practices in place, which address these risks, including supply chain threats to the telecommunications infrastructure specifically, and escalation of decision-making processes as necessary.”

Huawei hit back too, citing elements of the report where the ISC said UK security had not been at risk specifically from Huawei, and again touted its efforts towards protecting IT systems.

“As a world-leading ICT solutions provider, Huawei fully understands the risk of cyber security and the need to protect privacy, while continuing to deliver the benefits and convenience that modern communication technology brings to our daily lives,” it said.

“Huawei is willing to work with all governments in a completely open and transparent manner to jointly reduce the risk.”
Question marks over Huawei have mounted over the last year or so as US security officials raised concerns over the close links between the firm and the Chinese government, effectively blocking the firm from selling into the US market.

NSA named in massive surveillance project

The US National Security Agency (NSA) has been named in a massive surveillance operation which includes monitoring activity on multiple US carriers and service providers.
Dubbed 'PRISM', the operation involves collecting data travelling through the US as part of a larger campaign to gather intelligence on international communications. The project was first reported by The Washington Post, citing leaked government documents.
According to the reports, the PRISM archive collects and stores data from multiple US service providers including Apple, Microsoft, Google, Skype and Facebook. The collected information is then made available to US agencies for use in domestic and international investigations.
In the leaked documents, the agency notes that the archive is especially useful for overseas investigations as users will commonly rely on free or low-cost services which run through US companies.
According to the report, the PRISM programme goes back a number of years to programmes set up by the Bush administration to collect intelligence. The Washington Post alleges that members of congress have known about the archive for years but were prevented from disclosing the information.
Several of the companies named in the report have already been providing regular public reports on their government dealings. Google has long maintained a series of reports on government requests for data on users. The company reports that it declines most of those requests.
Twitter, likewise, has begun disclosing its dealings with the US government. The company said that it has seen requests for customer information booming in recent years.

National security risked with Huawei control of UK critical infrastructure

UK national security was put at risk by the ease with which Chinese telecoms firm Huawei entered the UK's critical national infrastructure (CNI) industry, according to a damning report from the Intelligence and Security Committee (ISC).

Questions about Huawei have dominated the headlines over the last 12 months, with officials attempting to ban the company from operating in the US due to fears over national security.

However, the UK has had a much more open approach to Huawei, with companies such as EE and BT using its kit to power their networks.
The ISC has since investigated this situation and, in its damning report presented to the prime minister and made public on Thursday, it has raised concerns that Huawei was able to gain a major stake in the control of CNI in the UK without due scrutiny.

In particular, the ISC cited concerns that when BT first revealed its intention to work with Huawei in 2003, civil servants did not consult ministers as they did not want to impede a major financial deal within the business world. The ISC has argued this was a major oversight.

“There was no justification for failing to consult ministers about the situation when BT first notified officials of Huawei’s interest. Such a sensitive decision, with potentially damaging ramifications, should have been put in the hands of ministers. The Committee was shocked that officials chose not to inform, let alone consult, ministers on such an issue," it said.

The ISC said the incident highlighted the lack of clear protocols about how companies operating in CNI areas should liaise with governments about their intentions to work with foreign suppliers.

“The failure in this case [with BT] to consult ministers seems to indicate a complacency, which was extraordinary given the seriousness of the issue,” the report states.
Huawei has long dismissed concerns with its equipment by saying it is all open for testing at its own facilities in the UK. This, though, was again cited by the ISC as a major security concern.

“We remain concerned that a Huawei-run Cell is responsible for providing assurance about the security of Huawei products,” it said. “A self-policing arrangement is highly unlikely either to provide, or to be seen to be providing, the required levels of security assurance. We therefore strongly recommend that the staff in the Cell are Government Communications Headquarters (GCHQ) employees.”
As a result, the ISC said national security has been put at risk by the failure of government to properly assess the use of Huawei's equipment within UK CNI.

"The government’s duty to protect the safety and security of its citizens should not be compromised by fears of financial consequences, or lack of appropriate protocols," it stated. "However, a lack of clarity around procedures, responsibility and powers means that national security issues have risked, and continue to risk, being overlooked."
However, the report appears to stop short of proposing any form of ban on Huawei, claiming it would prove unworkable.
"It is not practicable to seek to constrain CNI companies to UK suppliers, nor would that necessarily provide full protection given the global nature of supply chains," the report stated.
BT said it always makes sure “security is at the heart” of the firm’s decision making processes when working with suppliers, and acknowledged this was highlighted in the report.

“The experts at GCHQ say BT is an ‘exemplar’ and that the UK network has not been at risk due to the measures we have taken,” it said.

“Our testing regime enables us to enjoy constructive relationships with many suppliers across the globe. One of these is Huawei, with whom we have had a long and constructive relationship since 2005.”

V3 contacted Huawei for comment on the report’s finding but had received no reply at the time of publication.

Malwarebytes to launch Android security app by end of the year

Malwarebytes has announced plans to enter the mobile security race, confirming the company's intention to create a new Android virus database and app by the end of the year.
The firm's chief executive Marcin Kleczynski unveiled the firm's plans in an interview with V3, confirming that the app will be a launch point for a wider push into the enterprise security market. He added that the recent increase in the number of Android tablets and smartphones being used for business purposes has finally made the market valuable enough to be worth entering.
"We've ignored mobile for some time, but now as more tablets are coming out there's a reason. As this shift happens more and more malware writers will start focusing on [mobile devices], sending threats via SMS, finding exploits for Android and iOS," Kleczynski told V3.
Kleczynski said the app will offer businesses antivirus protection powered by a custom-built Malwarebytes virus database. "We've hired a mobile researcher as we really want to get into detecting mobile threats. But instead of just buying a database, like many antivirus companies do and just plugging it into an engine for Android, we're starting from scratch," he said.
"Buying a database is bulky, you don't see what you're buying, so we're adding the threats as they come and we're creating our own database. It's not ready yet, it needs to grow and it's something we're going to be working on for the next couple of months. We're shooting for an early July or end of August release for beta."
The initial app will feature a bare-bones scanning tool, though Kleczynski confirmed plans to rapidly release new add-on services for sale in the B2B market. "Our core product is going to be completely free for mobile, but in the enterprise space, for things like remote wipe, we're going to charge. We already do business packages for B2B and it'll be included in those," he said.
Kleczynski promised the features will help businesses deal with a variety of mobile security issues, such as a lost or stolen work phone. "Every day we hear about a corporate phone getting stolen and that's deep crud right there; we really need to be able to remote wipe the phone here and that's one of the things we want our product to be able to do, so sensitive data can be remotely wiped," said Kleczynski.
"We want to make it so phones can't be infected, sensitive data on the phone can be remotely wiped, we want to do some web filtering as well, making it so you can't access certain websites on a work phone, and offer a lot of corporate control features to customers. That's our end goal for the product, but initially we're going to launch with a scanner to wet our feet in the market and see what's out there for us."
Looking to the future Kleczynski said traditional attacks on PCs will continue to be a problem, predicting criminals' use of complex rootkits will cause IT administrators no end of trouble.
"Things are getting more and more sophisticated, my prediction is that rootkits are going to become more common and as soon as you wrap a rootkit around regular, ordinary malware it's there to stay," he said.
"As soon as a rootkit comes into play antiviruses struggle, you can't remove it manually. You wrap some malware or adware round it and you've got something that's going to stay on that system, that's what's scary. As that becomes more common or is sold more that's going to be a problem."
Malwarebytes' planned launch comes during a boom in Android malware active in the wild. Most recently, competing security vendors McAfee and Kaspersky listed mobile malware as one of the biggest threats facing businesses in their respective Q1 2013 threat reports.

Juniper looks to block network attacks with Junos DDoS Secure

Juniper Networks has unveiled a service that will seek to protect customer data centres from distributed denial-of-service (DDoS) attacks.
The company said that its Junos DDoS Secure service will use a combination of network monitoring tools and data analysis components to help detect and seal off DDoS attacks. The system is able to spot the attacks on networks and over virtual infrastructure.
DDoS attacks seek to take systems offline by flooding them with traffic or requests, exhausting bandwidth or server capacity and disrupting legitimate service. The attacks are often carried out by botnets of compromised PCs, each contributing a small share of the traffic flood.
The Junos DDoS Secure platform looks to help thwart such attacks by analysing traffic patterns and scaling capacity to cope. The system is also able to help stall attacks by shifting traffic or resources from regional facilities.
The platform, which is IPv6 compliant, will support virtual network infrastructures for the VMware and KVM platforms with both public and private cloud deployments as well as hybrid infrastructure.
Juniper Networks vice president and general manager for Counter Security David Koretz said: “Enterprises and service providers interested in safeguarding availability would be well served to consider both size and sophistication in architecting a DDoS security strategy.
Junos DDoS Secure offers customers a unique, intelligence-based approach to protecting against all types of DDoS attacks, providing next-generation security for today’s data centre.”
Juniper said that it would be offering the Junos DDoS Secure service for both a yearly subscription and a one-time payment.

Microsoft and FBI take down $500m Citadel botnet

Microsoft and the FBI have taken down a botnet that controlled millions of infected PCs, which was responsible for more than $500m in bank fraud.
The botnet, dubbed Citadel, consisted of more than 1,400 instances located in the US, Europe, Hong Kong, Singapore, India and China. The Citadel malware was used to install key-logging tools on victims' PCs, stealing their online banking credentials.
Brad Smith, Microsoft general counsel, said: “The harm done by Citadel shows the threat that botnets, malicious software, and piracy pose to individuals and businesses around the world."
Microsoft first began tracking the Citadel botnet in early 2012, working with financial services firms and law agencies, including the FBI, to instigate the co-ordinated takedown.
Last week it filed a civil suit against the botnet controllers in a US District Court in North Carolina. Yesterday Microsoft officials, along with US Marshals, seized servers from data centres in New Jersey and Pennsylvania as part of the effort.
FBI executive assistant director Richard McFeely said: “[These] actions represent the future of addressing the significant risks posed to our citizens, businesses, and intellectual property by cyber threats and malicious software, which are often enabled by counterfeit and unlicensed software."
According to Microsoft, those behind Citadel spread the malware using pirated Windows XP product keys, which it claims demonstrates the links between software piracy and cybercrime.
Microsoft also admitted that it does not expect to have wiped out the Citadel botnet fully, simply because of its sheer size. But it expects to be able to use the seized equipment to help strengthen its defences against future attacks.
The software titan has taken a more aggressive stance against botnets in recent times, launching several takedown campaigns. Earlier this year, it disrupted the Bamital botnet, believed to have infected thousands of PCs, which were used to conduct click fraud on a massive scale. Other attempts to counter the 'bot herders' have seen Microsoft sinkhole the Kelihos botnet, although new versions have subsequently re-emerged.

Phishing attack targets Yahoo users

A new phishing attack is looking to trick Yahoo Mail users into handing over their account credentials.
Researchers with Zscaler ThreatLabz are reporting that the attacks, which are being spread through a spam campaign, look to spoof the Yahoo login page in order to collect user account names and passwords.
According to Zscaler, the attackers send victims a phony notification message warning that unless action is taken, the user account will be suspended. The message also includes a link to the phishing page, which poses as the Yahoo login screen.
In addition to spoofing the Yahoo notification and login systems, the attack looks to capitalise on looming confusion over transitions at Yahoo to new services and interfaces.
Zscaler ThreatLabz researcher Julien Sobrier said: “Yahoo is now shutting down its Yahoo Mail classic interface and forcing users to their new e-mail platform. This will no doubt be another great opportunity for phishers to take advantage of confused users.”
The attack could also trick users who are confused about the switch many sites are making to new security platforms and protections. Though the introduction of two-factor authentication has been widely hailed by security experts as a valuable additional security component, confusion over how such systems will roll out could leave users vulnerable.
“Two-factor authentication has been in the news a fair bit lately as LinkedIn and Twitter have recently begun to offer the feature,” explained Sobrier. “We encountered an example whereby a phisher actually took advantage of heightened awareness of two-factor authentication to aid in an attack.”

Hackers have got into the identity register


The police driving licence register and the personal identity (CPR) number register were hacked in the summer of 2012 and data may have been altered; the hackers also retrieved information on CPR numbers and on people listed as wanted in the Schengen area, according to the Danish national police.

The police say the hackers may also have had access to registers belonging to the Tax Authority and the Modernisation Agency, in a previously undiscovered attack that appears to have gone on from April to August 2012.

The Security and Intelligence Agency and specialists from the Defence Intelligence Cyber Security Unit are currently investigating the break-in. A Swedish national currently in prison in Sweden is suspected of being involved, with Denmark applying for his extradition. A Danish man is also believed to have been involved in the attack.

“This has been a serious breach of the IT security that there must be in connection with police registers,” says National Police Commissioner Jens Henrik Højberg in a news release.

The Security and Intelligence Agency has been tasked with making sure that the necessary security procedures are in place in order to make sure that similar attacks cannot take place in the future.

The break-in is said to have taken place on central servers operated by the IT services company CSC.

Justice Minister Morten Bødskov says all available resources are being used to investigate the hacker attack.

“I can fully understand people who are worried about a security failure involving police registers, and I can fully understand those who want an answer as to whether the failure has any influence on their affairs,” Bødskov says.

Global $200m credit card hacking ring busted

Eleven people in the United States, the UK and Vietnam have been arrested and accused of running a $200 million worldwide credit card fraud ring, US and UK law enforcement officials said on Wednesday.

Federal prosecutors in New Jersey said they had filed charges against a 23-year-old man from Vietnam.

They said in a statement that authorities in Vietnam had arrested Duy Hai Truong on May 29 in an effort to break up a ring he is accused of running with co-conspirators, who were not named in the statement.

“One of the world's major facilitation networks for online card fraud has been dismantled by this operation, and those engaged in this type of crime should know that they are neither anonymous, nor beyond the reach of law enforcement agencies,” Andy Archibald, interim deputy director of the National Cyber Crime Unit, said in a statement on the British government's Serious Organized Crime Agency website. (http://www.soca.gov.uk/news/552-eleven-arrests-as-global-investigation-d...)
The arrests were coordinated by the three countries, the statement said.

The arrests come as law enforcement officials around the world are cracking down on Internet-related heists. Two weeks ago, authorities raided Liberty Reserve, a Costa Rica-based company that provided a virtual currency system used frequently by criminals to move money around the world without using the traditional banking system.

Earlier last month, authorities arrested seven people involved in a $45 million heist in which hackers removed limits on prepaid debit cards and used ATM withdrawals to drain cash from two Middle Eastern banks.

“It's rare that you find actual human beings behind these things,” said Mark Rasch, a former cyber crimes prosecutor and now a lawyer in private practice in Bethesda, Maryland. “Usually you can tie them to organizations or hacker handles, but it's harder to find individual people.”

Rebekah Carmichael, a spokeswoman for New Jersey US Attorney Paul Fishman, said the charges were filed in New Jersey's federal court because some of the victims of the scheme are residents of the state.

Prosecutors claim Truong and accomplices stole information related to more than a million credit cards and resold it to criminal customers through the websites www.matteuter.biz and www.mattfeuter.com, according to a criminal complaint filed in federal court in New Jersey.

According to the complaint, Truong hacked into websites that sold goods and services over the Internet and collected personal credit card information from the sites' customers. “The victims' credit cards incurred, cumulatively, more than $200 million in fraudulent charges,” the complaint said. The scheme began in 2007.

“Like many 'carder' cases, this is an international conspiracy,” Rasch said, adding that a recently passed computer crime law in Vietnam had made it possible for Vietnamese authorities to participate in the multinational sting.

Although Truong has been charged in the United States, he does not have a US-based lawyer because he is being held in Vietnam, Carmichael said.