CyberSecurity Pulse 2016-10-13

CyberSecurity Pulse 2016-10-13

“Experience is that marvelous thing that enables you to recognize a mistake when you make it again.”
Franklin P. Jones

Analyst Insight

Internet, Kids and New Trends on Information Leaks

The Internet is an increasing part of today’s social life, especially for children. A survey conducted by European Union Kids Online and funded by the European Commission’s Safer Internet Programme suggests that the most common activities that children and youth do when surfing the Internet are schoolwork (92%), playing games (83%), watching video clips (75%) and social networking (71%). But, are we ready for this growth by our young people? It really seems that we are not.CyberSecurity Pulse 2016-10-13Recently, new data leaks that could concern this collective are taking place more often than desired. Two weeks ago, we spoke about Neopets platform which was affected by a data breach some time. It was possible to determine that millions of under age individuals were affected and that many of these (up to 60% depending on the age) were female users. These users could be geolocated using their IP addresses or tracking services, or could become victims of spear phishing, which could provide access not only to the credentials and personal information already exposed on the platform, but also to other websites used by these users. The fact that such a significant number of users could be minors represents a significant risk for them to become the targets of specific attacks against this population that may take advantage of the exposed personal information and that use potentially more sophisticated social engineering attacks associated with sextorsion practices.

In this sense, new organizations fighting the problem are appearing. For example, the Spanish Oficina de Seguridad del Internauta (OSI), a free service that has launched INCIBE, an organization depending on the Industry Ministry in Spain, was launched to promote a safer internet and new technologies among minors. They are looking for cybervoluntary workers, so, if you are interested, you can always check the programme in their official website!

» More information at ElevenPaths and at OSI

Top Stories Domain Hijacked!

CyberSecurity Pulse, one of the world’s most popular Bitcoin wallet and Block Explorer service, has been down last Wednesday, and it’s believed that a possible cyber attack has disrupted the site. BlockChain team tweeted about the sudden breakdown of the site, saying: “We’re researching a DNS issue and looking into it. We apologize for the inconvenience. Stay tuned”. Until resolved, the digital wallet users of the platform would not be able to access their online accounts. In response to this incident, Blockchain users are in hopes that their online wallet has not been hacked while they wait for an official explanation of what has really happened.

» More information at Twitter

Dropbox, Google Drive and Microsoft OneDrive Blocked in Turkey Following Leaks

CyberSecurity Pulse 2016-10-13Turkey has blocked access to Dropbox, Microsoft OneDrive and partially restricted Google Drive following the leak by hacktivist group Redhack of a set of private emails allegedly belonging to Minister of Energy and Natural Resources Berat Albayrak, son-in-law of current Turkish president, Recep Tayyip Erdogan. Github, Dropbox, and Google Drive were issuing SSL errors, which may be an indicator of a possible interception of their traffic at either national or ISP level. Microsoft OneDrive was also subsequently blocked off throughout Turkey.

» More information at Turkey Blocks

Rest of the Week´s News

Spotify Has Been Used to Serve Malware to Listeners

Spotify has already stated that it has fixed a problem in its software that would let rogue adverts to automatically open virus-infected websites on a victim’s device. Experts have warned that malvertising is on the rise, because the scale of popular advertising networks can be misused to push malicious content to a wide audience.

» More information at BBC

Yahoo Disables Email Auto-forwarding

Yahoo has disabled automatic email forwarding, a feature that lets its users forward a copy of incoming emails from one account to another. Only users who already had the feature turned on in the past are out of this trouble, but users who are trying to turn on automatic email forwarding from now on will not enjoy the chance of doing it anymore.

» More information at The Hacker News

Win $50,000 for Finding Non-traditional Ways to Detect Vulnerable IoT Devices

Researchers who find and report a non-traditional approach for identifying IoT devices while passively observing the network can earn up to $50,000. “We are looking for a unique identifier or fingerprint to enable administrators to enumerate the IoT devices while passively observing the network”, MITRE, who organizes the challenge, says.

» More information at The Hacker News

Further Reading

Facebook Rolls Out Opt-in Encryption for Secret Messenger Chats

» More information at ZDNet

Cerber Ransomware Kills Processes Needed to Access Data

» Más información at Computerworld

Apple Watch Banned from UK Cabinet Meetings

» More information at SC Magazine UK