Research by UKFraud of over 50 UK and European Fraud consultants reveals an expectation from over 80% of those polled, that fraud will increase dramatically across the UK and the rest of Europe in 2012. The areas likely to be most affected include: insurance, merchants and retailers, telecoms, government departments and local authorities. The most common fraud activities are expected to be cybercrime, internal fraud, supply chain and procurement fraud. The only area where fraud is expected to remain stable or to fall is the credit card sector where recent aggressive anti-fraud measures have forced fraud levels to fall.
Read more →Over three quarters of UK office workers would turn a blind eye to malpractice in the office and fail to report it, according to the latest research from the Federation Against Software Theft.
The research also found that two thirds of British workers are unaware of the law when it comes to protecting whistleblowers in the workplace. A staggering 69 per cent of those questioned stated that they had no idea that legislation exists to protect them should they do the right thing.
Read more →With spam SMS messages becoming a growing phenomenon and numbers having dramatically risen over the past ten months, AdaptiveMobile today issues a firm reminder to mobile users to remain vigilant of unsolicited content received on their handsets.
AdaptiveMobile, which was featured on the BBC Watchdog programme discussing the growing problem of SMS spam, warns that text scams can originate from a variety of sources and it is becoming evident that fraudsters are advancing in the ways in which they can target mobile users. Threats can range from simple social engineering attacks that apply to any mobile handset, such as Missed Call Alerts or SMS messages claiming the recipient has won a prize draw and invites users to reply via SMS or by calling a premium rate number, through to more sophisticated attacks that exploit Smartphone capabilities to connect to the internet, resulting in click fraud or as an entry vector for mobile viruses.
Recent data from one of the biggest operator groups we work with shows that each month it blocks on average 1.6 million unwanted incoming SMS messages per country from other operators –60 per cent of which are rogue advertising messages.
The mobile phone is such a personal device and people have grown too trusting when it comes to the content on their handsets. If recipients receive an SMS message, many click on it without a second thought, which is all it takes for the fraudulent activity to begin. Whilst some mobile operators are working to combat these threats at a network level, users also need to play their part if they’re to stay safe in an increasingly mobile world.
AdaptiveMobile advises users to consider the following steps to protect themselves against SMS spam:
Check mobile bills
Mobile users should always check their bill. If they think they are losing credit or have unusually high charges, they should call their mobile operator immediately
Treat an SMS text as email
Consumers should treat SMS with the same caution as email – messages sent may not always be from legitimate senders, despite many looking like they are. Apparent senders can easily be faked, so looking them up on the web and calling the number given on the website can be a simple way to check
Beware of “opt-outs”
Subscribers should be aware that options being offered in messages to “opt-out” may actually be a fraudulent attempt to get users signed up. If there are concerns that this is the case, they should call their mobile operator and state that they have responded with a stop command to the sender
Be cautious with URLs
If a URL is given in a text, users shouldn’t access it on their phone. Instead they should type it in to a PC browser to check the site – a more secure way to access and double check links
Gareth Maclachlan, COO, AdaptiveMobile comments:
“With the growing number and complexity of mobile security threats being targeted at mobile users, combined with the increasing penetration of ‘smarter’ devices, mobile operators need to ensure customers are protected and stay one step ahead of the threats.
Mobile operators now understand that traditional approaches to securing networks are no longer adequate in coping with the rising number and sophistication of attacks and operators are now taking proactive steps to ensure that this is the case. In a competitive industry where trust is key to reducing churn and maximising each customer relationship, those operators that strive to protect their subscribers will be the ones that ultimately succeed in winning and retaining customers.”
Read more →“Too many paramedics and other frontline professionals are still opposed to wearing stab vests or other forms of body protection, due to simple misperception”, says Robert Kaiser, CEO of UK based PPSS Group.
Many internal surveys, conducted by the UK’s Ambulance Trusts concluded that stab vests are not wanted by their frontline staff.
Robert Kaiser strongly believes this is simply due to ‘technical and design misperceptions’ of body armour.
“We have conducted a six months survey, questioning a number of paramedics within the UK how they feel about stab vests, and the result is absolutely clear”.
“Of course, there will be people doubting the efficiency of our survey. Nevertheless, we strongly believe this survey shows once again, professionals require user friendly protection”.
Based on the PPSS survey, 72.8% of those completing the survey stated “stab vests, which offer blunt trauma protection, should be issued to ALL Paramedics”.
87.7% also confirmed that “paramedics should be issued with their OWN INDIVIDUAL stab vest”.
55.6% mentioned they were not aware of the latest available advances in covert stab vests, e.g. thickness, weight, concealability and wearability.
“Many of these professionals still believe stab vests are 6kg heavy, one inch thick, bulky, uncomfortable, restrictive and confrontational looking. But this is now far away from the truth”.
Mr Kaiser is convinced that the majority of violent attacks on emergency services staff in the UK are not edged weapon, knife or needle related. He believes that the majority of assaults are ‘blunt trauma related incidents’.
“Based on many years of frontline experience and our extensive research we know that the risk of knife or needle attacks exist, but this risk is nowhere near as high as the risk of being pushed, punched or kicked whilst on duty”.
“This is why we have developed concealable, ultra thin and 2.1kg light body armour that protects the wearer from any type of knife and needle, but more importantly also from punches, kicks and any type of blows”.
Mr Kaiser explains: “I think it is time to ask paramedics, prison officers and other emergency services personnel the right questions and educate them in a caring and supportive manner.”
“Let us show them how much body armour have advanced. We fully understand the operational responsibilities and risks of ambulance personnel and our body armour reflect this understanding”.
On Thursday 10th April, PPSS Group delivered a very informative public presentation, demonstrating the astonishing capabilities of their recently developed body armour, stab vests and slash resistant clothing at the London Islington Hilton Hotel. The event was attended by numerous organisations and professionals.
Aiming to clarify the common misperceptions of body armour, Mr Kaiser himself demonstrated the effectiveness and capabilities of the equipment. The two LIVE demonstrations, which saw the audience gasping for air, certainly had a huge impact and impressed all visitors.
Mr Kaiser strongly recommends to all NHS Ambulance Trusts, Healthcare Trusts and any organisations which employ frontline professionals to re-look at the potential requirements for user friendly and lightweight body armour..
Should you have any questions in reference to body armour, stab vests or slash resistant clothing, then please feel free to contact PPSS Group on +44 (0) 845 5193 95 email info@ppss-group.com or visit www.ppss-group.com
PPSS Group is a UK based manufacturer of UK Home Office certified stab vests and the company behind Cut-Tex® PRO. This groundbreaking fabric is the world’s strongest cut resistant fabric and is now used to manufacture slash resistant clothing for police, military, emergency services, prisons and private security professionals all over the world.
Robert Kaiser, CEO of PPSS Group is frequently invited to speak in front of large audiences about the latest body armour developments within homeland security and domestic frontline services. He is acting as body armour consultant for a number of organisations, associations and government departments. He is also organiser of the annual LONE WORKER SAFETY Conference & Exhibition, taking place in London in May very year.
Read more →Stonesoft, an innovative provider of integrated network security and business continuity solutions, discovered Advanced Evasion Techniques (AETs) last year. Since then, it has been verified that the threat posed by AETs to organisation’s critical data capital and systems is constantly evolving and dynamic. Here Stonesoft shares six tips for organisations to protect their critical data assets and systems against Advanced Evasion Techniques.
Evasions are a way to bypass network intrusion prevention systems (IPS) or any security device that is supposed to do network traffic inspection. As such, evasion techniques have been known for a long time. However, when Stonesoft discovered the AETs – a new threat category that existing network security systems are not able to detect – the information and the first 23 samples were quickly delivered to the Computer Emergency Response Team CERT-FI and later announced to the public. Stonesoft has recently shared 124 newly discovered samples with CERT-FI. However, this was just the tip of the iceberg.
“As a rule, all services have their scheduled maintenance windows, and organisations use intrusion prevention systems to protect their critical data assets also between maintenance updates. These network threats and maintenance restrictions apply also to industrial SCADA networks, which were targeted by the Stuxnet worm in 2010. However, advanced evasion techniques are capable of bypassing this protection and delivering attacks without being detected by the security devices like IPS. This means that the vulnerabilities of the systems can be exploited at any time,” Tomi Kononow, StoneGate IPS Product Manager at Stonesoft explains. “To protect their critical data assets against AETs, organisations must be proactive, question their existing security solutions and look for alternative options to fight this new threat posed by Advanced Evasion Techniques. The playfield of network security has changed and the old methods do not apply any more.
Organisations should follow the six tips listed below to increase their level of protection against AETs:
Increase your knowledge: of Advanced Evasion Techniques. They differ from traditional evasions in many ways, and it is important to understand that they are not attacks as such, but delivery methods to carry payloads to the vulnerable target without being detected by firewall and IPS devices. Thus, there is no bullet proof solution against them. You can minimise the risk of getting exploited by using a network security solution that is capable of multi-layer traffic normalisation and an intelligent security platform that is continuously updated against AETs.
Analyse the risks: Audit your critical infrastructure and analyse the most significant assets of your organisation, how and where they are currently stored and whether the information is backed up. Prioritise. Start by making sure your critical assets and public services have the best possible protection against AETs.
Re-evaluate your patch management. When possible, patching the vulnerable systems gives the ultimate protection against the network attacks, regardless whether they have been boosted by the AETs. Evasions can only help the attacker to bypass the intrusion prevention systems (IPS) or next generation firewalls (NGFW), but they do not assist in an attack against a patched system. It is understandable, however, that the patch testing and deployment takes time even under the best circumstances and for this time the recommendations for proper IPS protection, as follows, apply.
Re-evaluate your intrusion prevention solution. Evaluate your existing intrusion prevention solution (IPS) and NGFW with respect to its capability to protect your network against AETs. Be critical, proactive and look for alternative options. Keep in mind that AETs have changed the security landscape permanently. It is a fact that if a security device is not capable of handling evasions, it is practically useless – no matter how good a block rate it has or many certifications or awards it has won.
Re-evaluate your security management. Centralised management plays a crucial role in protecting against AETs. It allows you to automate AET updates and schedule software upgrades remotely and effortlessly, thus making sure you always have the highest possible protection against AETs.
Test anti-evasion capabilities of your security devices in their own environment by using your own policies and configurations. Many security vendors know how to survive simulated and recorded evasions when these are well predefined and stable in lab environment. However, when facing live and dynamic evasion disguised exploits, these systems go blind and are incapable of protecting your data assets. If you really want to know the level of your current protection against AETs, field testing is required.
Read more →
Latest Feedback