Edinburgh Trust Forum

NCC Group are hosting a Trust Forum in Edinburgh on the 19th of March with a presentation from Police Scotland Cyber Crime Unit on the subject of current trends in cyber crime. This is a free event and a good chance to meet others within the security field from both the Public and Private sectors.

more information can be found here http://www.eventbrite.co.uk/e/join-us-for-the-edinburgh-trust-forum-on-march-19-2015-to-find-out-more-about-policing-the-21st-tickets-15872310508?aff=es2

Cyber bank robbers steal $1bn, says Kaspersky report

Up to 100 banks and financial institutions worldwide have been attacked in an “unprecedented cyber robbery”, claims a new report. Computer security firm Kaspersky Lab estimates $1bn (£648m) has been stolen in the attacks, which it says started in 2013 and are still ongoing. A cybercriminal gang with members from Russia, Ukraine and China is responsible, it said.

full story on the bbc

http://www.bbc.co.uk/news/business-31482985

Next Group Meeting

Our next group meeting will be hosted by Highland Council on Tuesday 17th February. Details and location are included in the weekly update. Highland Council are also looking for confirmation of numbers, so please let Iain Kerr know if you plan to attend.

If you have anything you would like added to the agenda please let either Chair or Depute know.

Microsoft Security Bulletin MS14-068 – Critical

This security update resolves a privately reported vulnerability in Microsoft Windows Kerberos KDC that could allow an attacker to elevate unprivileged domain user account privileges to those of the domain administrator account. An attacker could use these elevated privileges to compromise any computer in the domain, including domain controllers.

Read more at https://technet.microsoft.com/library/security/MS14-068

Dyreza Banker Trojan

A large scale phishing campaign that utilises malicious links, used to bypass Anti-Virus defences, and connect to malicious servers hosting Dyre/Dyreza malware. The emails are propagated through spam messages, many of which appear to be messages from financial institutions.
Dyre/Dyreza is a banking trojan that exploits vulnerabilities within the infected machine’s systems, potentially giving malicious actors remote access into the infected machine, and allowing hostile actors to intercept sensitive login information. During an attack, a user is tricked into believing they are authenticating to a legitimate site, but the malware is re-directing the traffic to servers under the attacker’s control.

more information cab be found at

http://threatpost.com/dyreza-banker-trojan-seen-bypassing-ssl/106671

http://phishme.com/project-dyre-new-rat-slurps-bank-credentials-bypasses-ssl/