ICYMI: TeamViewer control; Intel defence; Card cloner; Skype a vector; Cloud apps not GDPR ready

The latest In Case You Missed It (ICYMI) looks at TeamViewer hijack; Intel's processor defence; 15 per sec cards cloned; Malware via Skype; Cloud apps not GDPR ready

TalkTalk blames supplier for breach affecting 4M customers
TalkTalk blames supplier for breach affecting 4M customers

TalkTalk TeamViewer users in remote-control hijack 'PC seizure'

Several TalkTalk customers report having experienced a remote-control ‘PC seizure' attack channelled through the TeamViewer desktop sharing platform.

The current malicious social engineering attack arises when some TalkTalk customers who are also TeamViewer users attempt to use the sharing services provided by the platform while on the TalkTalk Internet Service Provider (ISP) pipes. So-called ‘opportunists' are said to be taking control of users' PCs. More

Intel looks at stopping hackers and malware at the processor level

Intel is looking at introducing security features at the chip level to prevent hackers from using return-oriented programming to take advantage of memory vulnerabilities.

The chip firm has worked with Microsoft on Control-flow Enforcement Technology (CET) which should stymie attempts by criminals to use techniques such as return-oriented programming (ROP) and jump-oriented programming (JOP). ROP attacks can exploit memory flaws to install malware, despite mitigations such as data-execution prevention (DEP), and address-space layout randomisation (ASLR). More

New device can allegedly clone 15 contactless bank cards a second

A new device has surfaced online which has the ability to clone 15 contactless bank cards a second reports The Daily Star newspaper

According to the publication, the scanner skims details from contactless cards of people standing nearby and is able to capture encrypted data onto blank cards using specialised software.  The device, named the Contactless Infusion X5, can read any bank card from 8 cm away and will read 1024 bytes per second, equivalent to 15 bank cards per second, The Daily Star alleges. More  

 Skype being used to distribute malware

Researchers at F-Secure found cyber-criminals attempting to steal the personal information of Swiss nationals, among other travellers, who were looking for help on how to file for visas to visit the United States.

To pull off the scam the bad guys are using malware called QRAT, or Qarallax RAT. In an interesting twist, the malware is being distributed through Skype by criminals posing as US officials offering the needed help, wrote F-Secure's Frederic Vila in a blog. Skype has been used as an attack vector in the past, but for adware. More

75% of cloud apps are not compliant with the EU GDPR

Three quarters of cloud apps are not GDPR-ready as they lack key capabilities to ensure compliance. 11 percent of enterprises have sanctioned apps laced with malware, indicating that cloud apps are a growing and vulnerable threat vector for businesses.

New research by Netskope analysed more than 22,000 cloud apps during Q1 2016 and discovered that many have a significant amount of catching up to do before the GDPR is fully implemented in less than two years. Failure to comply with the GDPR data privacy mandate will result in severe penalties on enterprises: £15.3 million or up to four percent of annual worldwide revenue, whichever is greater. More

SC Webcasts UK

Sign up to our newsletters

FOLLOW US