threat updates
UK
Mumsnet announced it was hit by a data
breach. There was a problem affecting
Mumsnet user logins between 2.00pm on
Tuesday February 5 and 9.00am on Thursday
February 7.
During this time, it appeared that a user
logging into their account at the same time as
another user logged in, could have had their
account info switched.
In a statement, Mumsnet apologised for the
incident and said it was believed to have
happened due to a software change, which
was reversed following the breach.
GLOBAL
The UK’s National Cyber Security Centre (NCSC) issued
an alert stating it was investigating a large-scale Domain
Name System (DNS) hijacking campaign that has reportedly
affected government and commercial organisations
worldwide.
In a report, the NCSC said the majority of entities targeted
were in the Middle East, but some impact has been reported
in Europe and the US.
Although the NCSC was not aware of any compromised
entities in the UK, it said the techniques exhibited could
feasibly be deployed against UK targets.
In the campaign, attackers are believed to have compromised
credentials that have given them the ability to manipulate
DNS records, enabling them to redirect traffic to attacker-
owned infrastructure.
24
Issue 11
|
www.intelligentciso.com