Taking security training courses and passing certification exams are common ingredients in the makeup of the vast majority of accomplished cybersecurity and information security professionals. As such, two security incidents last month raised more than just a surprising eyebrow or two within the UK security industry.
The first involved the renowned and well-respected United States security training company, the SANS Institute, announcing that a successful email phishing attack against one of its employees resulted in 28,000 personal records being stolen. SANS classified this compromise as "consent phishing", namely where an employee is tricked into granting a malicious Microsoft Office 365 OAuth application access to their O365 account, so the attacker obtains a valid access token without ever needing the victim's password. In June 2020, Microsoft warned that 'consent phishing' scams were targeting remote workers and their cloud services.
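Consent phishing leaves a trace that a defender can hunt for: the tenant's audit log records a "Consent to application" event naming the user, the application and the permissions granted. The script below is an added illustration, not SANS or Microsoft code; the audit records it parses are constructed and simplified (they follow the general shape of Azure AD consent audit events, but the exact field layout and the list of high-risk scopes are assumptions for this example). It flags user-granted consents that include mailbox or file access scopes, which is the pattern behind this kind of data theft.

```python
"""Flag risky OAuth consent grants in Microsoft 365 / Azure AD audit log entries.

Added example. The audit record layout below is simplified and constructed for
illustration; it is modelled on Azure AD 'Consent to application' events but
is not copied from a real tenant.
"""
import json

# Delegated scopes that give an app broad access to a user's mailbox, files or
# contacts. Assumed list for this example; tune it to your tenant's policy.
HIGH_RISK_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send",
    "Files.Read.All", "Files.ReadWrite.All",
    "Contacts.Read", "offline_access",
}

# Constructed sample audit log: one JSON object per line. The second entry is a
# consent grant to an app with a lure-style name and mailbox/file scopes.
SAMPLE_AUDIT_LOG = """
{"activityDisplayName": "Consent to application", "initiatedBy": {"user": "alice@example.test"}, "targetResources": [{"displayName": "Contoso Expense Sync", "modifiedProperties": [{"displayName": "ConsentAction.Permissions", "newValue": "[[Scope: User.Read]]"}]}]}
{"activityDisplayName": "Consent to application", "initiatedBy": {"user": "bob@example.test"}, "targetResources": [{"displayName": "Upgrade Office 365 Mailbox", "modifiedProperties": [{"displayName": "ConsentAction.Permissions", "newValue": "[[Scope: Mail.Read Files.ReadWrite.All offline_access]]"}]}]}
{"activityDisplayName": "Update user", "initiatedBy": {"user": "admin@example.test"}, "targetResources": [{"displayName": "carol@example.test", "modifiedProperties": []}]}
"""


def parse_scopes(new_value):
    """Extract scope names from a value like '[[Scope: Mail.Read offline_access]]'."""
    inner = new_value.strip().strip("[]")
    if ":" in inner:
        inner = inner.split(":", 1)[1]
    return set(inner.split())


def find_risky_consents(audit_log_text):
    """Return one finding per consent grant that includes a high-risk scope."""
    findings = []
    for line in audit_log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        # Only consent events matter here; other audit activity is skipped.
        if event.get("activityDisplayName") != "Consent to application":
            continue
        user = event.get("initiatedBy", {}).get("user", "<unknown>")
        for target in event.get("targetResources", []):
            granted = set()
            for prop in target.get("modifiedProperties", []):
                if prop.get("displayName") == "ConsentAction.Permissions":
                    granted |= parse_scopes(prop.get("newValue", ""))
            risky = sorted(granted & HIGH_RISK_SCOPES)
            if risky:
                findings.append({
                    "user": user,
                    "app": target.get("displayName"),
                    "risky_scopes": risky,
                })
    return findings


if __name__ == "__main__":
    for finding in find_risky_consents(SAMPLE_AUDIT_LOG):
        print("ALERT user={user} app={app!r} scopes={risky_scopes}".format(**finding))
```

Running it reports Bob's grant of Mail.Read, Files.ReadWrite.All and offline_access to "Upgrade Office 365 Mailbox" while ignoring Alice's benign User.Read consent. The detection is only half the answer: the mitigation Microsoft recommends is to restrict end users from consenting to applications at all (or to verified publishers with low-impact permissions only) and route everything else through an admin consent workflow, which removes the decision the phishing email is trying to exploit.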
The second incident involved British cybersecurity firm NCC Group, after The Register reported that NCC-marked CREST penetration testing certification exam 'cheat sheets' were posted on GitHub. El Reg stated the leaked NCC-marked documents "offered step-by-step guides and walkthroughs of information about the Crest exams. With those who posted the documents claiming that the documents contained a clone of the Crest CRT exam app that helped users to pass the CRT exam in the first attempt." CREST, a globally recognised provider of penetration testing accreditations, conducted its own investigation into the GitHub post and then suspended its Certified Infrastructure Tester (CCT Inf) and Certified Web Application Tester (CCT App) exams.
Reuters reported that British trade minister Liam Fox's email account was compromised by Russian hackers through a spear-phishing attack. This led to leaks of sensitive US-UK trade documents in a disinformation campaign designed to influence the outcome of the UK general election in late 2019.
UK foreign exchange firm Travelex is still reeling from the double 2020 whammy of a major ransomware outbreak followed by the impact of COVID-19, and has managed to stay in business thanks to a bailout arranged by its business administrators PwC.
Uber's former Chief Security Officer has been charged with obstruction of justice in the United States, accused of covering up a massive 57 million record data breach in 2016. Uber eventually admitted paying a hacking group a $100,000 (£75,000) ransom to delete the data they had stolen.
The British Dental Association advised its dentist members that their bank account details and correspondence with the BDA were stolen by hackers. A BDA spokeswoman told BBC News it was possible that information about patients was also exposed, but remained vague about the potential extent. The breach was likely caused by a hack of the BDA website, given the site was taken offline for a considerable amount of time after the breach was reported.
It seems that every month I report a huge cloud misconfiguration data breach, typically found by researchers looking for publicity, and caused by businesses not adequately securing their cloud services. This month it was the turn of cosmetics giant Avon, after researchers at 'SafetyDetectives' found 19 million records were accessible online due to the misconfiguration of a cloud server. Accurics separately reported that misconfigured cloud services accounted for 93% of the 200 breaches it has seen in the past two years, exposing more than 30 billion records. Accurics also predicts that cloud service data breaches are likely to increase in both velocity and scale, and I am inclined to agree.
Finally, I was invited to review a pre-release of Geoff White's new book, "Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global". I posted a book review upon its release in August, and I thoroughly recommend it. The book is superbly researched and written; the author's investigative-journalist storytelling style not only lifts the lid on the murky underground world of cybercrime but shines a light on the ingenuity, persistence and ever-increasing global scale of sophisticated cybercriminal enterprises. While this book is an easily digestible read for non-cyber security experts, it also provides cybersecurity professionals working on the front line in defending organisations and citizens against cyber-attacks with valuable insights and lessons to be learnt about their cyber adversaries and their techniques, particularly in understanding the motivations behind today's common cyberattacks.
Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global
Stay safe and secure.
- Beating the Emotet Malware with SSL Interception
- Countering Cybercrime in the Next Normal
- Book Review: Crime Dot Com, From Viruses to Vote Rigging, How Hacking Went Global
- Cyber Security Roundup for August 2020
- Securing the COVID-19 'New Normal' of Homeworking
- Security Training Firm SANS Institute Data Breach after an employee fell for ‘Consent Phishing’
- Travelex Strikes Rescue deal but 1,300 UK jobs go following the impact of Ransomware Attack & COVID 19
- Uber Ex-Security Boss Accused of Covering up Hack Attack
- Suspected Russian Hackers Stole UK Trade Minister’s Personal Emails
- Cosmetics Giant Avon Leaks 19 Million Records due to Misconfigured Cloud Server
- British Dental Association members targeted by Hackers
- Internal NCC Training Data and CREST Exam Questions Leaked on Github
- Regulators levy $80 Million Fine on Capital One for Massive Breach
- Stricken Electronics Firms Weigh Reward and Cost of Paying Cyber Ransoms
- New Zealand Stock Exchange Halted by DDoS Cyber-Attack
- Hacker Leaks Passwords For 900+ Enterprise Pulse Secure VPN Servers
- Insecure satellite Internet is Threatening Ship and Plane Safety
- Tea at the Ritz Soured by Credit Card Scammers
- NCSC departing Boss reflects on China, Russia and Trust in Tech
- British Army 'could drop tanks in favour of Cyber Capabilities', says report
- GCHQ Cyberspies Foil Get-Rich-Quick Scams
AWARENESS, EDUCATION AND THREAT INTELLIGENCE