There’s an article on the BBC news website that popped up yesterday that took our interest. It states that a “hack” lets phones “eavesdrop and make premium calls”. This was obviously a great concern for us, as it named our primary vendor, snom, as the manufacturer whose phones were used in the research.
The article can be seen on the BBC website here: http://www.bbc.co.uk/news/technology-35579273
What we can’t understand is why the BBC chose to publish such a non-story. What this “security hack” boils down to is not changing the administration page password from the default. Yes, you heard right. The only security flaw is not setting an admin password for managing the settings on the phone.
In fact, if you ignore the fact they used old firmware to carry out their tests and you perform that exact same test on firmware that isn’t old (and was only a beta release) the phone itself prompts you on the screen at every opportunity to set an Admin password.
We are currently aware of a lot of malicious spam emails currently doing the rounds. As of posting this, few anti-viruses pick up the virus attachments.
The fake email pretends to come from e-mail address email@example.com, but is actually a simple forgery and does not in fact come from Les Caves.
The contents of the e-mail message are as follows:
From: Avril Sparrowhawk [Avril.Sparrowhawk@lescaves.co.uk]
Date: 22 December 2015 at 11:14
Subject: CWIH8974 PAYMENT RECEIVED
Thanks very much for your payment we recently from you, however there was a missed invoice. Can you just confirm this will be included in the next payment run, or whether there were any queries with this particular invoice?
I have attached the invoice for your reference.
Pressing the backspace key 28 times will let you circumvent a locked-down Linux machine researchers at Universitat Politechnica de Valencia recently discovered.
The GRUB bootloader used by most Linux distributions has the option to password protect boot entries. Not only will this prevent tampering but allows you to prevent peripherals such as CDs and USB ports from booting an OS. Without this protection an attacker could boot a system from a live USB key or CD, switching into their preferred operating system to download or access files stored on the machine’s hard drive.
This flaw with Grub2, of which versions 1.98 and 2.02 are affected, means a simple tap of the backspace key 28 times will bring up the prompt usually hidden behind the password screen.
TalkTalk have once again shown their inability to keep customer data safe. Police are now investigating what TalkTalk term a “significant and sustained cyber-attack” on their website.
Their website currently shows the page above highlighting the fact the website is unavailable right now.
An official statement was released by TalkTalk on 22/10/2015: View Statement in Full.
What the statement doesn’t highlight is what customers of TalkTalk need to do now.
The investigation is ongoing, but unfortunately there is a chance that some of the following data may have been accessed:
- Dates of birth
- Email addresses
- Telephone numbers
- TalkTalk account information
- Credit card details and/or bank details
TalkTalk have also created a help page here for those who may have been affected: http://help2.talktalk.co.uk/oct22incident
Please be aware, TalkTalk will NEVER call customers and ask you to provide bank details unless we have already had specific permission from you to do so.
We have noticed a large number of calls yesterday and today in relation to users on Windows 7 where the computer sits stuck on a “Starting Windows” page. The common denominator between all of these incidents is that the computers had AVG Anti-Virus installed.
Whilst we wait on AVG getting back to us with news on this issue we have been resolving these incidents by booting the computers in to Safe Mode, un-installing AVG completely, then booting back into Windows in normal mode before reinstalling AVG.
This is not the first time Anti-Virus programs have caused catastrophic issues with Windows PCs. In April 2010 a McAfee pushed out an update that caused a false positive identification, and incorrect deletion, of the critical Windows system file svchost.exe.
On 14th July 2015 Microsoft will cease supporting Server 2003. This means that, going forward, there will be no more updates or patches for the Server Operating System, which will lead to a less stable and less secure server infrastructure for any businesses that choose to continue to use the system after this date.
Any organisation that is still currently using Microsoft Server 2003 needs to put in place a plan of action to migrate to a new server Operating System, or find an alternative IT infrastructure solution.
Edinburgh IT Support consultants, Consider IT, suggest getting in touch and we’ll provide options for moving forward to a secure and reliable solution.
SourceForge is a popular website that offers source-code repository, downloads mirrors, bug tracker and other features. It acts as a centralised location for software developers to control and manage free and open-source software development. What you might know it from is its usefulness in providing downloads of popular software, rather than having to go to the developer’s website to get it.
Since yesterday at least, SourceForge has now since started to distribute adware/malware in certain projects hosted on their site.
NMAP, an open-source network tool used extensively by IT Professionals has been hijacked by SourceForge and the developers have hit back on security notice boards:
Hi Folks! You may have already read the recent news about SourceForge.net hijacking the GIMP project account to distribute adware/malware.
PayPal and eBay have fallen out and are splitting up with each other on 1st July 2015. PayPal have published a new set of Privacy Policies that will come into force on the same day.
PayPal is nice enough to give its customers only two options when it comes to the new terms: begrudgingly accept them or close your account entirely.
- notify you regarding your account
- troubleshoot problems with your account
- resolve a dispute
- collect a debt
- poll your opinions through surveys or questionnaires
- contact you with offers and promotions
- as otherwise necessary to service your account or enforce this User Agreement, our policies, applicable law, or any other agreement we may have with you.
The ICO has issued South Wales Police with a £160,000 fine for losing a video recording which formed part of the evidence in a sexual abuse case.
Despite the DVDs containing a graphic and disturbing account, the discs were unencrypted and left in a desk drawer.
The recorded interview took place in August 2011 and the loss was discovered by staff after an office move in October 2011 but the security breach then went unreported for nearly two years due to lack of training. Although the DVDs were stored in a secure part of the police station, South Wales Police had no specific force-wide policy in place to deal with the safe storage of victim and witness interviews in its police stations.
Google Chrome is ending support for Silverlight – used by NOW TV and BT Sport to play video.
The Microsoft runtime depends on an ageing plug-in protocol called Netscape Plugin Application Programming Interface (NPAPI), for which Google is currently phasing out support in its browser.
The Google Chrome team originally speculated that support for the old protocol would be removed from Chrome before the end of 2014.
Silverlight remains very popular with broadcasters because of the level of encryption it offers. Many broadcasters seem to be sticking with Silverlight instead of migrating to HTML5.
“With each step in this transition, we get closer to a safer, more mobile-friendly web,” said Justin Schuh, software engineer and plug-in retirement planner at Google.