Cyber Security

NEW RISCAuthority Guidance for Insurers and Business

The RISC Authority, with the support of the Cyber Risk and Insurance Forum (CRIF), has produced new guidance on Cyber, IT Risk and Insurance that will help insurers and business.

The guidance entitled ‘S28 Cyber crime: overview and sources of support’ provides information without jargon on the threats being faced by business and looks at the typical impacts seen.

Learning from ShellShock

Research and Intelligence Report- IBM MSS Threat Research Group

IBM has published an intelligence report detailing their experience and insight following the reporting of a long standing vulnerability in the GNU Bash shell (widely used on Linux, Solaris and Mac OS systems).

This sparked the mobilization of attacks known as “shellshock” beginning in late September 2014. This is the IBM Analysis of the Shellshock Bug and how it was used.

Staples are the latest in a long line of US retailers breached

Staples PoS cyber breach adds impetus to the Chip and Pin drive Reports are emerging of another credit card security breach this time concerning the Office supplies firm Staples.

They are the latest in a growing list of familiar retail names to have had their security breached. The breach came to light following the detection of fraud patterns across the North Eastern United States.

A statement issued by the company has confirmed reports in a statement saying “Staples is in the process of investigating a potential issue involving credit card data and has contacted law enforcement.”

POODLE flaw cracks SSL 3.0 Security

POODLE Bug breaks SSL 3.0 Security Researchers from Google have announced the discovery of another major flaw in Web Security.

It has been called POODLE and follows hot on the heels of Bash and Heartbleed.

The vulnerability is rooted in SSL v3.0 that is used as part of the security framework used for encryption across the Internet.

Online Cyber Security Course from FutureLearn developed by Open University and Government

Online Cyber security training from the Open University

Future Learn has launched 3 new free cyber security online training courses, funded by the National Cyber Security Programme.

The courses are aimed at all levels, from young people through to existing employees, and represent an excellent opportunity to develop skills in the IA arena.

HMG steps up support for Lawyers and Accountants with free online training

Department of Business, Innovation and Skills helps Lawyers and Accountants develop Cyber Risk knowledge

Digital Economy Minister Ed Vaizey has announced a new free online training course to help members of the legal and accountancy professions develop the skills they need to protect themselves and their clients from cyber-attacks.

Developed by government and industry, the on-line training will also enable lawyers and accountants to advise their clients on the cyber risks to their business. This will help UK businesses protect themselves from information breaches and other threats that could potentially cost them millions of pounds.

4.5 billion records stolen by cyber criminals

Reports have been confirmed that over four billion records from 500 million addresses have been stolen by by a Russian group. From buying a set of stolen details on a Dark Web Site the gang was able to install malware on systems using both social media and email exploits. These infected systems were then used to expand the theft as their botnet grew through SQL injection attacks and other vulnerabilities enabling them to steal more data from more websites.

Verisign DDOS Trends Report shows attacks are getting bigger and faster

Verisign warns of increasingly sophisticated DDoS attacks Verisign has published data on the nature and scale of Distributed Denial of Service Attacks (DDoS).

The Trends Report warns that DDos attacks are continuing to grow in terms of size and frequency and that companies lacking expertise and resources to defend themselves are particulalry vulnerable.

Cyber Essentials Scheme Accreditation Scheme introduced

Clarity on Minimum levels of Cyber Risk Controls from UK Government

Universities & Science Minister, Right Hon David Willetts MP, stressed action on Cyber Risk during his announcement of the governments latest initiative, Cyber Essentials, to address the rising threat of business disruption or loss from lax management of cyber risk.

Energy sector concerned over levels of Cyber Threat

Energy sector targeted by advanced cyber attacks

Hackers, criminal gangs and political activists are specifically targeting energy firms for financial and political reasons using increasingly sophisticated methods.

This is the conclusion of research from Marsh entitled "Advanced Cyber Attacks on Global Energy Facilities" that shows the energy sector is being disproportionately targeted for attack.

Cyber Security

NEW RISCAuthority Guidance for Insurers and Business

Learning from ShellShock

Staples are the latest in a long line of US retailers breached

POODLE flaw cracks SSL 3.0 Security

Online Cyber Security Course from FutureLearn developed by Open University and Government

HMG steps up support for Lawyers and Accountants with free online training

4.5 billion records stolen by cyber criminals

Verisign DDOS Trends Report shows attacks are getting bigger and faster

Cyber Essentials Scheme Accreditation Scheme introduced

Energy sector concerned over levels of Cyber Threat

Pages

Info Security

You are here

Cyber Security

Pages

Info Security