Posts

Warning issued to Sky customers amid hacking concerns


Sky customers have been warned that a recent security breach may have led to six million customers being spied on.

The worrying flaw in Sky’s routers was discovered by researcher Raf Fini from Pen Test Partners, reports The Mirror.

The findings revealed six million devices could have been susceptible to hacking.

Read more UK headlines here

It could be a common problem as people do not update the security on their router.

In May, the consumer watchdog Which? warned that a common flaw in people’s routers was a lack of security updates.

So was anyone affected and how can you check if the problem affected you?

What was the Sky breach?

Findings from Pen Test Partners have said that people affected were easily exploited.

People were drawn in easily by a phishing email, designed to link someone to a website with malicious software on it.

From there, everything could be easily accessed, including passwords for banking sites.

There is no evidence so far that people’s routers were actually exploited, but people are being encouraged to check.

Who was affected by the Sky hack?

A Sky spokesperson said in a brief statement after the report: “We take the safety and security of our customers very seriously.

“After being alerted to the risk, we began work on finding a remedy for the problem, and we can confirm that a fix has been delivered to all Sky manufactured products.”

The issue is reported to have taken up to 18 months to fix and around six million people were at risk.

“While the coronavirus pandemic put many internet service providers under pressure, as people moved to working from home, taking well over a year to fix an easily exploited security flaw simply isn’t acceptable,” Pen Test Partner’s Ken Munro told the BBC.

If you are one of the 1% of Sky’s customers who does not have a router made by Sky, you can have it replaced free of charge.

The models that were affected are as follows:

  • Sky Hub 3 (ER110)
  • Sky Hub 3.5 (ER115)
  • Booster 3 (EE120)
  • Sky Hub (SR101)
  • Sky Hub 4 (SR203)
  • Booster 4 (SE210)
  • Sign up to the StokeonTrentLive newsletter for all the latest news by clicking here.

    How do I check if my router was hacked?

    The vulnerability exploited by hackers that was found in the routers…

    Source…

    PNB customers’ data exposed for seven months due to server vulnerability: Report


    A vulnerability in the server of Punjab National Bank allegedly exposed the personal and financial information of its about 180 million customers for about seven months, according to cyber security firm CyberX9.

    CyberX9 has claimed that the vulnerability provided access to the entire digital banking system of PNB with administrative control.

    Meanwhile, the bank has confirmed about the glitch but denied any exposure of critical data due to the vulnerability.

    PNB said “customer data/applications are not affected due to this” and “server has been shut down as a precautionary measure.”

    “Punjab National Bank kept severely compromising the security of funds, personal and financial information of over 180 million (all) its customers for about the last 7 months. PNB only woke up and fixed the vulnerability when CyberX9 discovered the vulnerability and notified PNB through CERT-In and NCIIPC,” CyberX9 founder and MD Himanshu Pathak told PTI.

    He said CyberX9 research team discovered a very critical security issue in PNB which was leading to admin access to internal servers hence exposing a massive number of banks’ systems nationwide open for cyber-attacks for the last about seven months.

    Pathak said that vulnerability was found in an exchange server which is interconnected with other exchanges and shares all access — including access to all email addresses which results in access to all email addresses.

    “The vulnerability which we discovered was leading to the highest level of admin privilege in PNB’s exchange servers. If you gain access to Domain Controller through an exchange server then the doors very easily open to make any computer accessible in the network.

    “These computers even include those that are being used in their branches and other departments,” Pathak said.

    When contacted, PNB said the server in which the vulnerability was found had no sensitive or critical data.

    “The server wherein the vulnerability was reported, was being used as one of the multiple Exchange Hybrid servers used to route emails from On-prim to Office 365…

    Source…

    Sierra Wireless offers its customers 5G cellular wireless connectivity for their business-critical apps


    Sierra Wireless launched its 5G managed network service in the United States, offering customers the speed and ultra-low latency of 5G cellular wireless connectivity for their business-critical applications.

    Sierra Wireless’ fully managed network services provide end-to-end broadband solutions for permanent, temporary, and back-up connectivity in retail, food and beverage, healthcare, digital signage, kiosk/POS, and distance e-learning applications. These turnkey solutions offer simple, cost-effective, and reliable internet connectivity with no upfront equipment purchase cost, guaranteed uptime, and seamless management, with accountability from one point of contact.

    “With cloud-based management and reporting, and cross-carrier pooling ensuring the best network coverage at all times, Sierra Wireless’ 5G managed network service can be used with our world leading XR Series 5G routers,” said Tom Mueller, Vice President of Product Enterprise Networking, Sierra Wireless.

    “In addition, it also offers plan flexibility with a rental option lowering initial investment, and can reduce the cost of using, managing, and operating a connectivity network internally. With 5G changing the business landscape, Sierra Wireless is enabling customers to transform their digital operations, and to take advantage of 5G’s ground-breaking new capabilities with the availability of our new managed network services.”

    With their unique service-level agreement, Sierra Wireless’ managed network services ensure business-critical functions with guaranteed connectivity uptime and constant monitoring of network performance managed 24/7/365 by Sierra’s team of wireless professionals. The services also include use of Sierra Wireless’ hardware and software, with updates for security and firmware, as well as an always-on out-of-band management link to the AirLink Management Service (ALMS). This unique capability ensures the ongoing operational success of 5G deployments, simplifies operations, and reduces downtime.

    Sierra Wireless’ managed network services are available in three options:

    • Basic, the cost-effective backup cellular solution for non-critical systems.
    • Premium, including all the…

    Source…

    Roadmap to secure digital banking and delight customers


    Digital payment credential use including smart phone mobile payments is skyrocketing. E-commerce continues its sharp upward trajectory with the associated exponential growth in card-not-present (CNP) transactions. And remote account opening has become the norm. Sound familiar? What about growing consumer privacy concerns? Increasing incidents of identity theft? Intensifying threat landscape?

    There’s no doubt that banking is undergoing unprecedented digital transformation creating new opportunities and challenges for financial institutions, merchants, and consumers. With global identity fraud losses topping $56B