Bittium has received national Confidential level information security classification for Bittium Tough Mobile™ smartphone

Bittium Tough Mobile™ and related Bittium Secure Suite™ back-end system is the first mobile solution in the world to receive official Confidential level encryption product classification. With the solution, it is possible to create and process classified information, as well as transfer it between the smartphone and connected back-end solutions.

Oulu, Finland 18.9.2017 – National Cyber Security Centre-Finland of the Finnish Communications Regulatory Authority has granted approval for the Mobile Security and Public Safety targeted Bittium Tough Mobile LTE-smartphone and related Bittium Secure Suite back-end system to process material that is classified nationally as Confidential. Bittium’s mobile solution is the first one in the world to receive official Confidential level encryption product classification. The mobile solution can be used for creating and processing classified information, as well as for transferring it between smartphone and connected back-end solutions.

http://brn.firetrench.com

http://adn.firetrench.com

Continue reading

Vevo hacked as OurMine releases 3.12TB of internal files

It has been reported that Vevo has been hacked, with roughly 3.12TB worth of internal files posted online, some of which appear sensitive. The majority of the files include benign data including weekly music charts, pre-planned social media content, and various details about the artists under the record companies’ management. Some files were more sensitive, though, such as one which reveals the alarm code for the company’s offices.

http://brn.firetrench.com

Continue reading

Nearly 600, 000 Alaska voters’ sensitive records exposed

News has surfaced that nearly 600,000 Alaska voters’ sensitive records exposed due to a CouchDB database configuration error. Security researchers at the Kromtech Security Research Center discovered the database of about 593,000 voters was accidentally configured for public access without password protection, potentially allowing anyone with a web browser to access and view the sensitive information. The exposed records contained the sensitive and personally identifiable information of prospective voters including names, addresses, dates of birth, ethnicity, marital status and voting preferences.

http://brn.firetrench.com

Continue reading

Equifax breach caused by a missed patch

News that Equifax has revealed that the cause of its massive data breach last week was a missed patch, the following attributable comment from

Amit Yoran, CEO of Tenable Network Security:

“Once again, we have a basic failure in cyber hygiene causing a massive data breach. The Equifax breach is the latest example of a known vulnerability with a patch readily available that was not applied, leaving millions of customers at risk. The fix was available for the Apache Struts vulnerability used in this attack for two months before Equifax was breached.

Every time a massive data breach makes headlines, we all have the same question: why does this keep happening? The answer is simple. These types of attacks take advantage of our own worst habits — the avoidance of doing something as simple as maintaining good cyber hygiene and patching systems.  Cyber criminals don’t need to waste a precious and rare zero-day exploit when they can easily get into your network using a known exploit of an unpatched vulnerability.

This should be a wakeup call for organizations of all sizes, across all industries. Knowing what systems your business relies on, and keeping those systems up to date and protected from exploitation isn’t a theoretical best practice — it frequently makes the difference between stopping an attack and a massive breach.”

21 million hit by Google Android malware attack

Security researchers have discovered the second-biggest outbreak to ever hit Google’s platform, with as many as 21.1 million infections. The malware’s been dubbed ExpensiveWall after hiding inside wallpaper apps. The researchers warned it sent fraudulent premium SMS messages and charged for fake services. In the latest outbreak detected by Check Point, ExpensiveWall infected at least 50 apps, which together were downloaded between 1 million and 4.2 million times, according to data straight from Google Play.

http://brn.firetrench.com

Continue reading

Cryptocurrencies web mining: a slower way to profit

For several years, cybercriminals have taken advantage of cryptocurrency mining in order to make a profit. Mostly by using malware or potentially unwanted applications installed on the victim‘s machine. Now, ESET researchers have analyzed a special case of mining of cryptocurrencies – done directly within your web browser using JavaScript.

http://brn.firetrench.com

Continue reading