Thursday Threat Report: Used phones leaking data, UK travellers hit by malware, and the growing APT threat

Welcome to ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.

Mint condition?

Second hand phones contain a vast quantity of personal information that is still accessible, according to a study by security firm, Avast.

Avast bought 20 smartphones on eBay that had been "wiped," but were still able to access 40,000 photos, 750 emails and texts, 250 names and addresses, a completed loan application and more. One of the phones did have security software installed, but even this provided sensitive information.

On one particular handset, hackers at Avast were able to access the previous owner's Facebook page, see his GPS coordinates and find the names and numbers of over a dozen contacts.

Independence Day malware

Just in time for the 4 July Independence Day celebrations in the US, researchers from security firm Proofpoint has discovered a particularly nasty piece of malware targeting travel sites and directly affecting British tourists.

The discovery shows that popular travel destination websites for cities including Boston, Houston and Salt Lake City have been exploited and are serving malware to unsuspecting visitors. The malware is also particularly potent: it goes undetected by all but four out of the 51 antivirus products on Virus Total.

The growing APT threat

According to research by security outfit ISACA, one in five businesses have experienced an Advanced Persistent Threat (APT) attack and only 15 per cent of the surveyed 1,220 security professionals believed that they were prepared for such an assault.

"It is absolutely critical for enterprises to prepare for them, and that preparation requires more than the traditional technical controls," ISACA's Tony Hayes told reporters.

Andrew Rose, principal analyst for security and risk at Forrester Research, told us that he believed that it was often a case of "when, not if" when it comes to this type of threat, so two-thirds (66 per cent) was a little low.

Porthole Ad