Weekly cyber news update

The NCSC weekly threat report has covered the following:

Oxford University provided comment to an article produced by the Daily Telegraph last week.  It stated that university students are at risk from phishing scams because many top universities are not following best practices to block fraudulent emails; this was based on expert guidance from Proofpoint, a top performing vendor of security products. They found that 65% of the UK’s top 20 universities were not using any form of an industry-recommended email authentication tool. Only one university in the top 20 was using the recommended level of DMARC protection.

Be extra vigilant if emails ask for personal information, banking details or contains unexpected mistakes, attachments or links. The NCSC has published a guide to spotting and dealing with phishing emails.  If you are suspicious, then report your concerns to phishing@infosec.ox.ac.uk for further advice.  

Companies overlooking the importance of cloud security.

Cyber security firm Symantec has published its first Cloud Security Threat Report. The report suggests that that many companies are not focused on the fastest growing threats when it comes to cloud computing security.  They have found that low maturity with cloud security has lead to incidents with 73% of the organisations surveyed.  Most of these already believe that their data is likely already on the dark web for sale.

Journalist data leaked by E3 website.

The personal data of more than 2,000 journalists was recently leaked via a spreadsheet found on the website of the Electronic Entertainment Expo (E3).  This has some commonalities with the breach at Lancaster University which we reported on last week.  Again, personal details have been locally cached by a user on an unsecured excel spreadsheet.  The General Data Protection Regulation (GDPR) requires that personal data is processed securely using appropriate technical and organisational measures. The NCSC has worked with the Information Commissioner’s Office (ICO) to develop a set of GDPR Security Outcomes.

Researcher discloses BlueKeep Exploit.

A security researcher under the Twitter handle @zerosum0x0 has recently disclosed his Remote Desktop Protocol (RDP) exploit for the BlueKeep vulnerability to Metasploit.  This BlueKeep vulnerability was first noted by the NCSC in May. According to a recent report from cyber security firm BitSight, ‘approximately 788,214 systems remain vulnerable’ to the exploit.  An increase in RDP scanning actively, with the objective of exploiting unpatched systems, should be anticipated.  Microsoft has published its own additional advice and guidance.

Privacy and facial recognition in King's Cross.

The Register reports that the private landlord which operates most of the 67 acre King's Cross area is operating a network facial recognition cameras.  It is considered that the codification of peoples faces makes that data a special category biometric data.  This landlord needs to have a lawful basis to collect, process and retain this data under GDPR.  Ironically, one of the buildings covered in this monitored area is Google's London HQ.  Oxford University Information Security can provide advice on how to maintain your personal and business data Confidentiality, Integrity and Availability.