Latest & Developing News

Scroll down for the latest news and views relevant to the cyber security world.

In an ever evolving security landscape Pelion Consulting takes the latest relevant news and compiles the best bits here.

(Pelion Consulting is not responsible for external content)

ICONS-PPDP-(R)_black

Pelion Press Release

Pelion Consulting is please to announce that Campbell Murray joined us as our new Chief Security Officer (CSO).


Campbell brings with him more than two decades of cyber security experience and knowledge. He began his career during the 90s and quickly founded his own company, Encription Limited. Starting as an “Ethical Hacker” Campbell was a pioneer in “Pen Testing” websites and network based protocols, leading the way by showing businesses the weaknesses in their websites, and resolving the issues. Encription Limited was acquired by Blackberry in 2016 where Campbell then headed their global cyber security consultancy department. During this period Campbell famously “hacked” a wi-fi connected kettle in front of a live audience at a conference in New York to demonstrate how insecure a home internet network typically can be. Described as a “White Hat Hacker” within the industry, Campbell has also consulted for public and private international organisations, and government security services.


Seeing a gap in the industry training market Campbell left Blackberry earlier this year to set up his new business, Merimetso. His new venture aims to provide accessible and relevant training worldwide. Merimetso courses are tailored to the individual student’s needs, providing practical solutions and knowledge immediately. Students are given the physical tools and assisted with developing the mental approach to understand different situations, identify risk and foster a secure cyber culture.

Richard Hodder, Pelion’s Chief Executive Officer, is excited about the benefits of joining forcees with Campbell. “Campbell is a valuable addition to the team. His in-depth understanding and expertise is crucial to serving the sophisticated yachting and maritime sectors. By complementing the services and training we currently offer, we believe that together we can provide the highest standard of service possible for our clients.

“Whether you are an ETO, SSO, Captain or shore based staff looking to gain an entry level understanding or you want to get deeper and more technical, the training which Campbell can offer through Merimetso is best in class - this is a great partnership and I foresee that it will have great benefits for the yachting and maritime sector”

This new partnership comes at a crucial time in the maritime industry as the IMO January 2021 Cyber security regulations are rapidly approaching. Pelion Consulting can navigate you through the new legislation and provide you with a watertight cyber security solution, both in policy and practice.


For further information contact

Julian Defreitas

+34 647 613 570

jd@pelion-consulting.com


Live Webinar Recording: Just How Easy is it to Hack a Yacht


FBI Releases Guidance on Defending Against VTC Hijacking and Zoom-bombing


Live Webinar Recording: Cyber Security Risks on Yachts


Shipbuilder Austal was hacked with stolen creds sold on dark web


Free Webinar: Cyber Security Risks on Yachts

PelionMerimetsoWebinar

COVID-19 Cyber Scams

At this time of heightened crisis and public anxiety due to Coronavirus the best and worst is brought out of people.

Unfortunately scammers use the opportunity to profit from the worries and concerns of individuals. There are numerous reports of fraud related to Coronavirus, email phishing scams, as well as Facebook & Apple messengers. The idea is to have unsuspecting people opening malicious attachments, clicking on bad links that contain malware and giving out sensitive personal information.

Please be careful with messages related to the Coronavirus on social media, email, phone messages and phones calls.

Malicious actors will also be targeting those individuals and employees working from home by VPN. Ensure your systems are patched and update, make sure your staff are vigilant to the risks of phishing emails

Another scam to watch out for is making purchases for over-priced items or items that never arrive. Unfortunately the number of these types of message and the different types of ways to extort information are going to rise as the virus continues to spread and scammers use ever increasingly imaginative ways to do this.

Ultimately - if you’re not expecting an email the safe thing to do is not open it. Think Before You Click!

If you’d like us to help train your staff and crew please get in touch. We are happy to help!

Call our Concierge and speak to Julian on +34 647 613 570


How to See and Delete Alexa's Recordings of You

Worried that Alexa might be holding onto your conversations longer than it should? Amazon's making it easier to delete conversations its voice-powered digital Echo speakers might have recorded — and you can do it all with the sound of your own voice.

https://www.tomsguide.com/us/how-to-see-erase-alexa-recordings,news-24094.html


Exclusive: Data breach exposes 17,000 yachting industry professionals

A data breach at UK-based Crew and Concierge Limited has exposed the personal data of 17,379 people of 50 different nationalities working in the yachting industry.

https://www.verdict.co.uk/data-breach-crew-and-concierge-limited-yachting-industry


Report: Lack of awareness on maritime cybersecurity

World leader in satellite communications Inmarsat has launched its second annual report, in association with The Superyacht Group, to gain a unique understanding of the future requirements for global, mobile satellite communications on superyachts by analysing input from superyacht skippers, senior crew, chief engineers and technical professionals on vessels ranging from 24m to over 100m.

https://seawanderer.org/report-lack-of-awareness-on-maritime-cybersecurity


Hiding a $200 Tiny Malicious Chips Inside IT Equipment to Gain Stealthy Backdoor Access

New research shows how easy to hide a $200 tiny spy Chip inside an IT equipment and to gain backdoor access to the device.

https://gbhackers.com/tiny-spy-chip-it-equipment/


Security expert warns of unprecedented phishing attacks in SA

South Africa is witnessing an unprecedented increase in both simple opportunistic attacks and complex targeted attacks, which are increasingly using sophisticated techniques in an effort to avoid detection, an industry expert has warned.

https://www.itweb.co.za/content/WnxpE74DZYy7V8XL/zlP3gQ2qGRMnRD1W


A huge database of Facebook users’ phone numbers found online

Hundreds of millions of phone numbers linked to Facebook accounts have been found online.

The exposed server contained more than 419 million records over several databases on users across geographies, including 133 million records on U.S.-based Facebook users, 18 million records of users in the U.K., and another with more than 50 million records on users in Vietnam.

https://techcrunch.com/2019/09/04/facebook-phone-numbers-exposed/


FakesApp: A Vulnerability in WhatsApp

As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groupsand 65 billion messages sent every day. With so much chatter, the potential for online scams, rumours and fake news is huge. It doesn’t help then, if threat actors have an additional weapon in their arsenal to leverage the platform for their malicious intentions.

https://research.checkpoint.com/fakesapp-a-vulnerability-in-whatsapp/


Cyberattack lands Ship in Hot Water

On Monday 8 July 2019 the Coast Guard issued a Marine Safety Alert reporting a successful malware attack on a vessel back in February.

https://nakedsecurity.sophos.com/2019/07/11/cybersecurity-attack-lands-ship-in-hot-water/


Malicious apps pose as popular FaceApp to steal Personal Data

The latest hype around the FaceApp application has attracted scammers who want to make a quick profit.

https://www.welivesecurity.com/2019/07/19/faceapp-spotlight-scams-emerge/


Recent massive malvertising campaign run from Hong Kong

This blog post explores the techniques and tactics of a persistent malvertiser that operates under a company called “fiber-ads”. We provide an overview of the metrics behind their current and historic activity, a glimpse into their infrastructure, and some details around the impact from exposure to their campaigns.

https://blog.confiant.com/hong-kong-based-malvertiser-brokers-traffic-to-fake-antivirus-scams-over-100-million-ads-300e251eff06


Nearly Half of all Phishing Attacks are Polymorphic

Nearly one in two phishing attacks are polymorphic, according to research by IRONSCALES. The self-proclaimed world's first automated phishing prevention, detection and response platform identified 11,733 email phishing attacks that underwent at least one permutation over 12 months, with 52,825 permutations impacting 209,807 inboxes across the world.

https://www.infosecurity-magazine.com/news/half-phishing-attacks-are/


One Year on, EU's GDPR Sets Global Standard for Data Protection

The EU's strict data laws have set the global benchmark for protecting personal information online since coming into force a year ago, but some worry that many users have barely noticed the change.

https://www.securityweek.com/one-year-eus-gdpr-sets-global-standard-data-protection


Spam and Phishing in Q1 2019

An overview of the most reported Spam and Phishing emails doing the rounds at the start of 2019. Do you recognise any of them?

https://securelist.com/spam-and-phishing-in-q1-2019/90795/


Five key cyber-threat terms explained

As cyber security, and specifically cyber threats, are becoming more imminent worldwide, the shipping industry gets affected as well. In order to help understand some of the basic terminology of cyber-attacks, the Korean Register of Shipping explains what five key cyber terms mean.

https://safety4sea.com/five-key-cyber-threat-terms-explained/


SECURE YOUR FUTURE

+34 647 613 570

concierge@pelion-consulting.com

Pelion-Consulting-Main-logo-V2