HMRC's Ed Tucker talking at SC Congress 2017

A cyber-success story: HMRC's road to DMARC implementation

Ed Tucker, head of cyber-security at Her Majesty's Revenue and Customs (HMRC), the UK's tax collection authority, explained to SC's Roi Perez how HMRC has successfully stopped 300 million phishing emails sent in its name.

This was achieved by implementing the email authentication protocol Domain-based Message Authentication, Reporting and Conformance (DMARC) across HMRC. DMARC is a security process that works by determining which email servers are allowed to send messages on behalf of the organisation. If an email passes the checks it is deemed legitimate and delivered. If it fails, it is deemed fraudulent and is not delivered. More...
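As an added illustration (example code, not HMRC's implementation and not from the article), the following Python shows the receiving mail server's side of the decision described above: parse the domain owner's published DMARC policy, check whether the SPF or DKIM result aligns with the visible From: domain, and return "pass" or the action the owner requested. It assumes the DMARC TXT record has already been fetched from DNS and that SPF and DKIM verification results are supplied by the receiver; the public-suffix set and all domains are constructed, and the `pct` and `sp` tags are left out.

```python
import re

# Stand-in for the Public Suffix List (constructed, deliberately tiny).
TWO_LABEL_SUFFIXES = {"co.uk", "gov.uk", "org.uk"}

def parse_dmarc(record: str) -> dict:
    """Parse a _dmarc TXT record such as 'v=DMARC1; p=reject; ...'
    into a tag dict, applying the protocol's defaults."""
    tags = {k: v.strip() for k, v in re.findall(r"(\w+)=([^;]+)", record)}
    if tags.get("v") != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("not a usable DMARC record")
    tags.setdefault("adkim", "r")  # DKIM alignment: r = relaxed, s = strict
    tags.setdefault("aspf", "r")   # SPF alignment: same meaning
    return tags

def org_domain(domain: str) -> str:
    """Organisational domain: last two labels, or three when the last two
    form a public suffix such as 'gov.uk' (simplified rule)."""
    labels = domain.lower().rstrip(".").split(".")
    n = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-n:])

def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """Identifier alignment between the visible From: domain and the
    domain an authentication check actually vouched for."""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def dmarc_disposition(record, from_domain, spf_pass, spf_domain,
                      dkim_pass, dkim_domain):
    """Return 'pass', or the owner's requested action for a failing message.
    spf_domain is the envelope-from (MAIL FROM) domain that SPF checked;
    dkim_domain is the d= tag of a DKIM signature that verified."""
    policy = parse_dmarc(record)
    spf_ok = spf_pass and aligned(from_domain, spf_domain, policy["aspf"])
    dkim_ok = dkim_pass and aligned(from_domain, dkim_domain, policy["adkim"])
    if spf_ok or dkim_ok:
        return "pass"
    return policy["p"]  # none / quarantine / reject, as published by the owner
```

With p=reject, a spoofed message whose SPF passes only for the attacker's own sending domain is rejected, while legitimate mail signed by the owner's domain passes.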

Irresponsible disclosure? Google reveals bug prior to Microsoft patch

A security researcher from Google's Project Zero has revealed a bug in Windows' Graphic Component GDI Library prior to Microsoft issuing a patch, despite Microsoft being warned back in November 2016.

The bug in question, reported by Googler Mateusz Jurczyk, allows an attacker to access memory using EMF metafiles. These files are handled by the Windows Graphic Component GDI library and store a list of function calls that reproduce an image on screen. Since some GDI functions accept pointers to callback functions for error handling, a WMF file may erroneously include executable code. More...

UK and China agree coordination on cyber-security issues

Sir Mark Lyall Grant, the UK's national security adviser, hosted Wang Yongqing, secretary-general of the Central Commission for Politics and Law, for the second UK-China High Level Security Dialogue which focused on cooperation on cyber-security, counter-terrorism and countering violent extremism, and organised crime.

“Secretary-General Wang and I agreed ... to regular coordination on cyber-security related issues in order to prevent cyber-commercial espionage and related transnational criminal activity,” said Grant. More...

Android honey-trap hits 100 Israeli Defence Force soldiers

A cyber-spying campaign targeting Android devices used by personnel within the Israeli Defence Force (IDF) has been reported in a blog post by Lookout and another by Kaspersky. More than 100 soldiers became victims when their Android devices were infected with malware called ViperRAT. The malware extracted audio and images from the devices and hijacked the device camera to take pictures.

Researchers at Kaspersky said that the spying campaign has been operational since July 2016, with attacks reported as recently as February this year. They said that the campaign is not only active but likely to increase. More...

Vendor hiding supply chain cyber-attack gets uncovered by Krebs

During RSA 2017 in California, RSA released a report that detailed a malware campaign dubbed “Kingslayer” that piggybacked on a popular piece of software used by system administrators at some of the US's largest companies to make sense of Windows system event logs. The report says the event log management software was only compromised for two weeks – from 9 April 2015 to 25 April 2015 – during which the attackers compromised the website that sells the software.

Krebs said that “the intrusion was likely far more severe than the short duration of the intrusion suggests” because, “in addition to compromising the download page of the software package, the attackers also hacked the company's software update server,” which would likely mean that those who already had the software installed received the compromised version as well. More...