google-site-verification: googlee9447d3b266da5de.html NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

NCSC (National Cyber Security Centre) - Weekly Threat Report @ncsc #cybersecurity

Friday, November 8, 2019

Weekly Threat Report - 8th November 2019

 

 

Flaw revealed in Amazon’s Ring Video Doorbell Pro

 

Security researchers at Bitdefender have revealed they discovered a flaw in Amazon’s Ring Video Doorbell Pro, which could allow an attacker to steal home Wi-Fi credentials.

 

It’s reported that the device’s smartphone app sent credentials in plain HTTP language during set-up and configuration. Researchers said an attacker – within close range – could target the device with a type of denial of service (DoS) attack and get it kicked off the Wi-Fi network. When the consumer reconfigured the device, details would then be exposed.

 

Bitdefender has been working with Ring's tech team to help mitigate this issue and say Ring Doorbell Pro cameras have received a security update that fixes the flaw going forward.

 

Alongside DCMS, we’re encouraging manufacturers to ensure the safety of their products and we’ve developed a code of practice to help keep consumers safe.

 

You can find the NCSC’s guidance on smart devices in the home.

 

Trend Micro discloses insider threat impact

 

Cyber security company Trend Micro has revealed that an employee has stolen and sold data affecting thousands of its customers.

 

In a statement on its website, Trend Micro confirmed that the unauthorised disclosure of personal data had been a result of a malicious insider.

 

Following investigation the company has taken action to ensure no further impact. It also confirmed that up to 70,000 of its 12 million customers has been affected.

 

Trend Micro has apologised in their online statement and has also given customers key information to consider in the aftermath of this incident including the fact that they would never call customers unexpectedly.

 

The risk of insider threat is a real one for organisations. The Centre for the Protection of National Infrastructure (CPNI) has guidance about reducing the risk of insider threats. Another good starting point for any business looking to secure themselves would be the NCSC’s 10 steps to cyber security.

 

 

National Cyber Security Centre Weekly Threat Reports

 
ASKET Cyber Security Resources
 

 

 

 

 

Please reload

ASKET Ltd The Worlds Trusted Broker
ASKET Social Media
  • Grey LinkedIn Icon
  • Grey Twitter Icon
  • Grey Facebook Icon

SOCIAL MEDIA

ASKET Contact

CONTACT

UK Tel: +44 7827 012195

UAE Tel: +971 5283 33164

Email: broker@asket.co.uk

ASKET Address

ADDRESS

ASKET Ltd

86-90 Paul Street

London

EC2A 4NE

Company NO: 08763474