CyberSecurity Pulse 2016-11-10
|“The art of prophecy is very difficult, especially with respect to the future.”|
Unprecedented Growth of Security Breaches in T2 2016
Tesco Bank Limits Online Transactions After Fraud Hits Thousands
Tesco Bank has restricted the operations of current accounts after funds were looted from a reported 20,000 accounts. The UK bank has confirmed a fraudulent attack, which is under investigation. In the meantime it has suspended online transactions from current accounts, including contactless transactions. Its customers are allowed to withdraw cash and use chip-and-pin transactions while established standing orders and direct debits will continue as normal. Tesco manages around 136,000 current accounts. Around 40,000 of these experienced suspicious transactions, and around half of those had some money stolen from their accounts.
China Passes Cybersecurity Law to Tighten Its Control over the Internet
The legislation passed by China’s parliament and set to go into effect in June 2017 aims at combating growing threats like hacking and terrorism. The cybersecurity law requires instant messaging services and other internet operators to force users to register with their real names and personal information, which restricts anonymity of a user online. Moreover, the new legislation also forces companies to provide technical support to government agencies when requested for investigations involving national security and crime and to censor contents that are prohibited.
Rest of the Week´s News
Android Users Will Have to Wait to Be Proteced Versus Dirty Cow
Although the most famous Linux distributions have already had their Linux systems updated to patch a vulnerability that exists in the kernel since 2007, Android (which is in fact a Linux-based operating system) users will have to wait a little bit more to fix this in their own devices. The vulnerability has not been patched in the monthly update provided during November. This has surprised most security experts taking into account its severity and the fact of being a security issue which has been present in most devices since the conception of the most used operating system for smartphones.
Google Stops AdSense Attack That Forced Banking Trojan on Android Phones
Google has shut down an operation that combined malicious AdSense advertisements with a zero-day attack exploiting Chrome for Android to force devices to download banking fraud malware. Over what would have be a small two-month span, the campaign managed to download the Banker.AndroidOS.Svpeng banking Trojan on about 318,000 devices.
Massive Cyberattack Grinds Liberia’s Internet to a Halt
The entire internet infrastructure of the African country has been brought to a grinding halt after it was targeted by hackers using the same cyberweapons that caused the largest cyberattack in history just two weeks ago: the Mirai Botnet. Acording to Kevin Beaumont, they are seeing attacks over 600 Gbps aimed at two companies which co-own the only fibre which has been deployed in Liberia.