News

now browsing by tag

 
 

#nationalcybersecuritymonth | Rochdale News | News Headlines | Internet savvy Whitworth girls reach semi-final of national competition

Source: National Cyber Security – Produced By Gregory Evans



Date published: 05 March 2020


Three students from Whitworth Community High School got to pit their skills against other schools in the semi-final of a national competition held at PricewaterhouseCoopers office in Leeds.

Grace Campbell-Ousey, 12, Skye Wilkinson, 12, and Elizabeth Gack, 12, were selected for the second round of the The CyberFirst Girls Competition, set up by GCHQ’s National Cyber Security Centre.

The competition is aimed at promoting the industry as a career option to girls to increase diversity in the workforce.

Skye said: “The top 12 girls were split into groups of three for the first part of the competition which we completed online.

“We had four categories, networking, logic and coding, cryptography and cyber security, and we had a series of tasks at beginner, intermediate and expert levels.

“There was a lot of pressure and we had four hours, with a break for lunch, in which to complete as many tasks as we could.”

Both Grace and Elizabeth said they enjoyed the networking tasks best, but Grace said the cryptography was hard. Although all the tasks offered hints, they resulted in points being deducted if they were used.

Skye said: “My favourite part was speaking to the people who were running the competition and I learnt a lot from what they had to say.”

The competition certainly inspired Skye and Grace because they have both signed up for a development day workshop at a university in June and they are looking at computing careers.

Source link

The post #nationalcybersecuritymonth | Rochdale News | News Headlines | Internet savvy Whitworth girls reach semi-final of national competition appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Twitter says Olympics, IOC accounts hacked | News

Source: National Cyber Security – Produced By Gregory Evans

(Reuters) – Twitter said on Saturday that an official Twitter account of the Olympics and the International Olympic Committee’s (IOC) media Twitter account had been hacked and temporarily locked.

The accounts were hacked through a third-party platform, a spokesperson for the social media platform said in an emailed statement, without giving further details.

“As soon as we were made aware of the issue, we locked the compromised accounts and are working closely with our partners to restore them,” the Twitter spokesperson said.

A spokesperson for the IOC separately said that the IOC was investigating the potential breach.

Twitter also said Spanish soccer club FC Barcelona’s account faced a similar incident on Saturday.

“FC Barcelona will conduct a cybersecurity audit and will review all protocols and links with third party tools, in order to avoid such incidents,” the soccer club said in a tweet after the hack.

Last month, the official Twitter accounts of several U.S. National Football League (NFL) teams, including the San Francisco 49ers and Kansas City Chiefs, were hacked a few days ahead of the Super Bowl.

Earlier this month, some of Facebook’s official Twitter accounts were briefly compromised.

(Reporting by Akshay Balan in Bengaluru, Editing by Rosalba O’Brien)

Source link

The post #nationalcybersecuritymonth | Twitter says Olympics, IOC accounts hacked | News appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | #SocialSec – Hot takes on this week’s biggest cybersecurity news (Feb 7)

Source: National Cyber Security – Produced By Gregory Evans

Expired cert blamed on Microsoft Teams outage; rancor over Iowa caucus app; and an artist with 99 smartphones causes traffic mayhem in Berlin

This week didn’t get off to the smoothest of starts for Microsoft Teams users, as widespread reports surfaced on Monday that the collaboration software had ground to a halt.

From around 8:30 ET on February 3, users around the world were unable to log into Microsoft’s Slack-like group messaging service, leaving them with nothing else to do but post impromptu memes on Twitter.

At around 10:00 ET, Microsoft said it had discovered that the problem was due to an expired digital certificate.

The Teams service was restored later that day, although with a reported 20 million daily users being locked out of their accounts, the episode no doubt left the chat app’s devs more than a little red-faced.

In the US, social media feeds have been clogged with news of ‘The App That Broke the Iowa Caucus’.

Tech outlets were quick to jump onto reports that the results from Monday’s Democratic caucus in the midwestern state had been delayed because of problems with the smartphone app that was being used to report votes.

The confusion delayed the announcement of the winner in the first round for presidential hopefuls. Unsurprisingly, the fracas attracted no small amount of controversy, with many directing their ire towards the app developers.

Speaking to CNET, Irfan Asrar of cybersecurity company Blue Hexagon, said: “What we believe is, this is an oversight, and an example of the app being rushed into production.”

Offering their own take on the situation (and framing their article with a pointed reminder that “trust and transparency are core to the US elections”), Motherboard published the full .apk file of the app that malfunctioned and sent the caucus into a tailspin.

From unreliable apps to shady social media accounts, Twitter said it has suspended a large network of “fake accounts” that were being used to exploit its API in order to match usernames to phone numbers.

According to TechCrunch, a bug in the microblogging platform opened the door for an attacker to submit “millions of phone numbers” through an official API, which returned any associated user account.

The news comes as Indian website The Print reported allegations that “nearly 18,000 Twitter accounts” were spreading fake news on behalf of the right-wing Bharatiya Janata Party (BJP).

“Approached for comment, both the BJP and the Congress [a rival Indian party] denied the allegation that they supported accounts propagating misinformation,” the report reads.

And finally this week, an artist has shown how Google Maps could be abused to cause potential chaos on the roads, after he wheeled 99 smartphones in a wagon around Berlin in order to create a fake traffic jam.

In his ‘Google Maps Hacks’ performance piece, Simon Weckert demonstrated how it was possible to turn a ‘green street’ to ‘red’ on the popular online mapping service – showing how one small step for a man could have a giant impact on other road users, who would be directed into taking alternative routes from an actually clear road.

A video posted to Weckert’s YouTube account offers a real-time demonstration of what The Daily Swig is dubbing a ‘Distributed Denial-of-(Road) Surface’ attack. *bows*

Source link

The post #hacking | #SocialSec – Hot takes on this week’s biggest cybersecurity news (Feb 7) appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Singapore’s crime rate highest in 9 years; online scams up by 54% – The Independent News

Source: National Cyber Security – Produced By Gregory Evans SINGAPORE — The crime rate in Singapore in 2019 is at its highest since 2010. While other types of crimes decreased, online scams increased by 54.2 percent from 2018. The Singapore Police Force (SPF) released the Annual Crime Brief 2019 on Wednesday (Feb 5). Overall, the country’s crime […] View full post on AmIHackerProof.com

#cyberfraud | #cybercriminals | Video: Dh4 billion online scam bid busted in Dubai raid, 9 arrested – News

Source: National Cyber Security – Produced By Gregory Evans

Operation Fox Hunt: They had run 81 fake businesses across 18 countries around the world.

The Dubai Police have arrested an African gang of nine cyber-scammers that had run 81 fake businesses across 18 countries around the world. They created a ‘wealthy’ image on social media – then duped people into transferring money in exchange of false job opportunities.

Dubbed ‘Fox Hunt’, the operation revealed the hidden online fraud network that managed to siphon off more than Dh32 million worth of money transfers.

The fraudsters were busted at their UAE residence, where the e-crime team of the Dubai Police found laptops and mobile phones full of sensitive information on individuals and companies – including bank accounts and credit cards details, as well as documents and files of the gangs’ illegal activities.

Major-General Abdullah Khalifa Al Marri, Commander-in-Chief of the Dubai Police, said the arrest marks a new important achievement for the team.

“As gangs constantly change their criminal methods, the Dubai Police exert all efforts to qualify elites of officers and employees specialised in dealing with the latest technologies to tackle emerging crimes,” Maj-Gen Al Marri said.

Major-General Khalil Ibrahim Al Mansouri, Assistant Commander-in-Chief for Criminal Investigation Affairs, said Operation Fox Hunt is “a unique and extremely professional” hit as it prevented the gang from abusing 800,000 e-mail addresses and foiled their bid to steal Dh4 billion.

The scam: Social media users were targeted

>Scammers disguised themselves with a ‘facade of wealth’ and used social media to celebrate illegitimate wealth under the names of others

>They reached out to social media users, promising they would help with job opportunities

>Victims received phishing e-mails that deceived them into transferring money to complete fake recruitment procedures

OPERATION FOX HUNT

>Some victims reported the incident to the Dubai Police’s anti-cybercrime platform (www.ecrime.ae)

>Thorough investigations led to identifying the group

>Police teams closely monitored the gang and put the details of their IDs, bank accounts, residence, and cars in the spotlight

Raid foiled bid to steal Dh64m from 1,126 credit cards

As the Dubai Police closely monitored the group, they received a tip claiming that one of the suspects intended to leave the country. The CID team immediately drew a plan and set a zero hour to make the arrest.

Captain Abdullah Al Shehi, deputy director of e-investigations at the Dubai Police, said the arrest foiled the gang’s bid to drain out the balance of 1,126 credit cards with an estimated total value of Dh64 million.

reporters@khaleejtimes.com

 

Source link

The post #cyberfraud | #cybercriminals | Video: Dh4 billion online scam bid busted in Dubai raid, 9 arrested – News appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Google’s New Messaging App To Unify Gmail, Drive, And Hangouts…And Other Small Business Tech News

Source: National Cyber Security – Produced By Gregory Evans KRAKOW, POLAND – 2019/01/23: In this photo illustration, the Google Hangouts logo is seen displayed … [+] on an Android mobile phone. (Photo Illustration by Omar Marques/SOPA Images/LightRocket via Getty Images) LightRocket via Getty Images Here are five things in technology that happened this past week […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | Cyber security news round-up

Source: National Cyber Security – Produced By Gregory Evans

Our first cyber security round-up of 2020 details updates to NHSmail and advice from the National Cyber Security Centre on the use of Windows 7, after Microsoft officially ended support for the platform.

Three-quarters of healthcare organisations suffered a cyber-attack in 2019

New research by data security provider Clearswift suggests that more than three-quarters (67%) of healthcare organisations in the UK have experienced a cyber security incident in the past year.

The research, which surveyed senior business decision-makers within healthcare organisations, found that almost half (48%) of incidents within the sector occurred as a result of introduction of viruses or malware from third-party devices – including IoT devices and USB sticks.

The survey found that further causes of cyber security incidents included employees sharing information with unauthorised recipients (39%), users not following protocol/data protection policies (37%), and malicious links in emails and on social media (28%).

The report once again highlights the serious threat that data breaches and malicious attacks pose to health data in the UK.

Alyn Hockey, VP of product management at Clearswift, said: “The healthcare sector holds important patient data, so it is alarming to see such high numbers of security incidents occurring in the industry.

“The healthcare sector needs to securely share data across departments and organisations in order to facilitate excellent patient care.

“With the proliferation of third-party devices in this process, it’s more important than ever that the industry bolsters its cyber security efforts to reduce the risk of everything from unwanted data loss to malicious attacks and focusses on keeping patient data safe and secure.”

NHSmail updates to improve security and user experience

NHS Digital is updating NHSmail to improve cybersecurity and save some 40,000 manual work hours for staff.

Dan Jeffery, head of innovation, delivery and business operations at NHS Digital’s Data Security Centre, detailed a number of improvements being made to the NHSmail platform around security, identity verification and user experience in a blog post on 6 January.

This includes a system to automate the movement of user accounts between NHS mail organisations that Jeffrey said would lead to “millions of pounds worth of efficiency savings.”

A password synchronisation micro-service allowing users to synchronise their password from the NHS Directory to their local active directory, and behavioural and transactional analysis providing insight into user behaviour, are also in the pipeline.

Jefferey said: “NHSmail is more than just an email service. The system manages the identities of all users within the Microsoft Active Directory in the NHS and allows local administrators to manage accounts within the NHSmail portal.

“Typically, NHS organisations will manage local identities within their own Active Directory and use the NHS Electronic Staff Record for workforce management, including the on-boarding and off-boarding of employees.

“With more than 13,000 health and care organisations in England and Scotland using NHSmail and 64,000 movements of user accounts every month, the burden is real and the security implications relating to identity are acute. But that also means the opportunity for improvement is significant.”

NCSC warns against using Windows 7

The National Cyber Security Centre (NCSC) has warned the public not to use Windows 7 to access internet banking or email applications after Microsoft pulled support for the operating system last week.

NCSC, the public-facing arm of the UK’s GCHQ intelligence service, said that people running the now-outdated Windows 7 to upgrade to Windows 10 in order to avoid possible cyber security attacks.

Microsoft official ended support for Windows 7 on 14 January, meaning computers running the software will no longer receive security and other important updates.

NCSC said in a statement: “The NCSC would encourage people to upgrade devices currently running Windows 7, allowing them to continue receiving software updates which help protect their devices,” an NCSC spokesman said.

“We would urge those using the software after the deadline to replace unsupported devices as soon as possible, to move sensitive data to a supported device, and not to use them for tasks like accessing bank and other sensitive accounts.

“They should also consider accessing email from a different device.”

Almost half of respondents to the latest Twitter poll run by Infosecurity Europe, Europe’s number one information security event, admit they would be completely unaware if a cyber breach occurred in their organisation. The poll was designed to explore incident response, an area that has come under recent scrutiny following Travelex’s response to its New Year’s Eve cyber-attack, which left many of its systems down and impacted travel currency sales.

Poll suggest half of people “wouldn’t know” warning signs of cyber security incident.

Almost half of respondents to a Twitter poll run by Infosecurity Europe admitted that they would be completely unaware if a cyber security breach occurred in their organisation.

In answer to the question: “If a cyber breach occurred, how quickly could you discover it?” 47.6% conceded they simply would not know.

The poll was designed to explore incident response, an area that has come under recent scrutiny following Travelex’s response to its New Year’s Eve cyber-attack, which left many of its systems down and impacted travel currency sales.

According to Maxine Holt, research director at Ovum, this reflects a widespread issue. “Discovering a breach well after the event is usual. Uncovering breaches is not easy, but proactive threat hunting is an approach being increasingly used by organisations.

“Regularly scanning environments to look for anomalies and unexpected activity is useful, but it can be difficult to deal with the number of resulting alerts. Ultimately, effective cyber hygiene involves having layers of security to prevent, detect and respond to incidents and breaches.”

The poll also examined risk insight, asking: “What understanding do you have of your information assets?” A worrying 44.7% revealed they had “very little” understanding, with 30.7% stating they had “some” – and only 24.7% said their grasp was “comprehensive”.

Bev Allen, CISO at Quilter, said: “Many companies don’t know what or where all their information assets are. They may think they do; but if they’re wrong this leaves them vulnerable to breaches. Consistent knowledge of your assets takes effort; you need tools and systems to record what you have, you need people to follow appropriate processes, and you need to search to find out what you don’t know about and where it is. This search must be done regularly.”

Source link

The post #nationalcybersecuritymonth | Cyber security news round-up appeared first on National Cyber Security.

View full post on National Cyber Security

A Handy Chrome Feature, a Sonos Update Warning, and More News

Source: National Cyber Security – Produced By Gregory Evans Chrome is protecting and Sonos is disconnecting, but first: a cartoon about the new big screen. Here’s the news you need to know, in two minutes or less. Want to receive this two-minute roundup as an email every weekday? Sign up here! Today’s News Don’t ignore […] View full post on AmIHackerProof.com

#school | #ransomware | Cyberattack on Morial Convention Center has little immediate effect on events there, but problems may grow | Business News

Source: National Cyber Security – Produced By Gregory Evans The Ernest N. Morial Convention Center, one of the cornerstones of New Orleans’ multibillion-dollar tourism economy, is the latest victim in a string of cyberattacks against city and state computer systems that have had serious consequences for government officials and the public. New Orleanians were left […] View full post on AmIHackerProof.com

#comptia | #ransomware | Rancocas Valley High School students blocked from social media, but can stream music video – News – Burlington County Times

Source: National Cyber Security – Produced By Gregory Evans

Federal law requires schools to protect students from inappropriate content. Schools have different standards on what to block, records show.

MOUNT HOLLY — Facebook, Snapchat and Twitter are off-limits.

Apple TV, Amazon Prime and Hulu video are just fine.

At Rancocas Valley Regional High School, cybersecurity systems are set to block student access to social media but allow teens to stream music and video on classroom devices, according to records released after a legal appeal to the New Jersey Government Records Council.

Beginning Nov. 8, this news organization filed open records requests with all Burlington County school districts.

Four months later, on Jan. 10, district officials released the requested information while apologizing for the delay.

“I reviewed the District’s initial response which did not include all of the documents I advised them to produce,” said George M. Morris, attorney for the school district. “Not sure where there was a breakdown in communication.”

Public schools are required by federal law to protect students from inappropriate content.

The information released by area schools districts shows that they have different standards for filtering content, protecting students and staff as well as the equipment financed by taxpayers.

In October, Cherry Hill School District in Camden County discovered some of its computer systems had been locked down and some district computer screens displayed the word “Ryuk,” a term associated with ransomware attacks.

Rancocas Valley is home to some 2,100 students from Eastampton, Hainesport , Lumberton, Mount Holly and Westampton.

In addition to streaming audio and video, Rancocas Valley students are allowed to access shopping, news and media, sports and travel websites, records show. A long list of blocked content includes dating, gambling, pornographic materials, sex education, tobacco, “sports hunting” and “war games.”

So far, records were provided by Bordentown Regional, Burlington City, Burlington Township, Cinnaminson, Delanco, Eastampton, Florence, Lenape Regional, Lumberton, Maple Shade, Medford, Moorestown, Mount Laurel, North Hanover, Palmyra, Riverside, Riverton, Shamong, Southampton, Springfield and Westampton.

Similar records requests are pending with Beverly City, Chesterfield, Edgewater Park, Evesham, Mansfield, the Northern Burlington County Regional School District and Willingboro schools.

Appeals have been filed with the New Jersey Government Records Council.

Under New Jersey’s Open Public Records Act, government agency must respond within seven days after receiving a request. Government agencies “must ordinarily grant immediate access to budgets, bills, vouchers, contracts,” according to the records council.

Source link

The post #comptia | #ransomware | Rancocas Valley High School students blocked from social media, but can stream music video – News – Burlington County Times appeared first on National Cyber Security.

View full post on National Cyber Security