Archive for January, 2016

Employers monitoring private online chats – a violation of human rights?

Author: Chris Spencer, Forensic Services Manager, Sapphire

In 2007, a Romanian engineer was dismissed after his employer discovered he was using Yahoo Messenger to chat not only with his professional contacts but also with his fiancée and other family members.

Company policy had prohibited the use of the messaging app for personal purposes.

The engineer …

Continue Reading

A 3-Step Security Action Plan for Financial Firms

Published on the Trustwave Blog, 21st Dec 2015
Authors: Jane Dotsenko

The finance sector is a prime target for cybercrime and appears fourth in the list of industries most commonly attacked by hackers, according to the 2015 Trustwave Global Security Report. This illustrates just how attractive the sector remains to intruders – and how prone to …

Continue Reading

Turkish Clicker: Check Point Finds New Malware on Google Play

Published by Check Point Research Team on 8th Jan 2016
Authors: Andrey Polkovnichenko and Oren Koriat

The Check Point research team has discovered an extensive malware campaign on the Google Play™ store. Check Point Mobile Threat Prevention detected the first samples of malware we call “Turkish Clicker” on several customer devices.

The malicious code was found …

Continue Reading

Mr. Robot and Tenable

Published: Tenable Blog, 9th Nov 2015
Author: Matt Hand

At Tenable, we’re huge fans of USA’s cable series, Mr. Robot. The show follows Elliot Alderson, a talented, yet troubled, security engineer at Allsafe Cybersecurity who connects with people by “hacking” them. He becomes involved with a hacktivist group, fsociety, whose goal is …

Continue Reading

Check Point Threat Alert: Outlook OLE Vulnerability

Published by Check Point Research Team on 29th Dec 2015

Object Linking and Embedding (OLE), developed by Microsoft, allows users to embed and link to documents and other objects. However, a Remote-Command-Execution vulnerability was found in Microsoft Office that allows remote attackers to execute arbitrary code via a crafted email message …

Continue Reading

Sapphire’s Paperless Conference Makes Headlines

In September 2015, Sapphire’s flagship event, the National Information Security Conference (NISC) marked its 15th consecutive year by choosing to be paperless; reducing carbon emissions and enhancing the experience for all attendees.

Inspired by Glasgow’s ‘Green in 2015’ initiative, Sapphire worked with the staff at the Westerwood Hotel and the conference …

Continue Reading