NetSafe's email digest on computer security issues
NetSafe Security Central - February 2013 newsletter
Yahoo! Xtra hack: Telecom warns customers to change passwords, beware scammers
Campbell Live talks to Martin Cocker
Cyber security awareness surged amongst many New Zealanders this week after the media reported widespread spam and phishing emails affecting Yahoo! Xtra account holders.

Visitors to the How can I security check my computer? page on the NetSafe website surged by more than 8000% with 1500+ people reviewing our advice since Monday and traffic to Security Central quadrupling over the week.

There are lots of opinions online on how the hack occurred and what ramifications it may have for people who have had their email accounts compromised.

NetSafe would encourage all YahooXtra users to follow Telecom advice and change their password (

We would also encourage you to take this opportunity to review your computer security in general, clearing out old email storage, changing passwords on important accounts and running scans on your machines and patching any holes in software or helper apps.
Email Security Tips
2012 Incident Report: Is cyber crime on the rise in NZ?
NCSC 2012 Incident Reports
The National Cyber Security Centre (NCSC) - the government body which helps agencies and power companies defend against cyber threats - published its 2012 Incident Summary (PDF) yesterday and saw a significant increase in the number of reported attacks against New Zealand government agencies, critical national infrastructure, and private sector organisations over the year.
GCSB Director Ian Fletcher says 134 threats were reported with "at least three serious attacks every week".
Morning Report covered the figures this morning with some commentators saying that NZ corporates and home users need to make more effort to protect against cyber threats.

In light of the media attention this week, do you believe New Zealand is a soft target increasingly targeted by cyber criminals?

Vote now on our poll or send us your feedback by email.

Our last poll in 2012 asked What do you think will be the biggest computer security threat in 2013? 25% of respondents chose targeted social engineering and believed spear phishing or whaling was the biggest threat to watch out for this year.
Visit NCSC
Security News
Cyber Security Awareness Week 2013

We presented to the Auckland Information Security Forum yesterday about the results of last year's cyber security awareness programme and the work of NCSI members and CSAW partners to educate all New Zealanders.

We're close to confirming the dates for the 2013 week - if you would like to become a sponsor or partner please get in touch with programme manager Chris Hails.

Is Everything We Know About Password-Stealing Wrong?

An interesting (US banking sector focused) paper from Microsoft Research suggesting that passwords are but one link in the cybercrime value chain (PDF).

Cloud Computing Checklist for Small Business

Shifting to the cloud can make good business sense but can also open up concerns about data security.

The Privacy Commissioner this week released a privacy checklist to help small business owners answer any questions they may have.

Read the checklist online or download the PDF report "Cloud Computing - A guide to making the right choices".

Passwords Found in the Wild for January 2013

Security consultant Bruce K. Marshall looks at 170,000 passwords shared online and finds PHP powered websites make up 91% of the total hacks

New iOS 6.1 security flaw gives anyone access to your Apple iPhone

It's a tricky one to use but a video uploaded to YouTube suggests a series of keypresses will give anyone access to your iPhone.
Use Adobe Reader for PDFs or Flash to watch videos?

Adobe have had a busy week patching Flash, Shockwave and Reader vulnerabilities.

Make sure you've updated your helper apps to avoid leaving security holes on your home or small business systems.

You can stay up to date with security bulletins at Adobe or by regularly visiting the National Cyber Security Centre Newsroom.  

Why do I need to update?

This article shows how much such widespread software holes are worth to cyber criminals - unpatched computers make easy targets for malicious software.
‘Ransomware’ cybercrime gang busted - NZ Police warns scam continues
An example screenshot of Spanish police ransomware
Spanish Police, working with the European Cybercrime Centre, have arrested a group dedicated to spreading police ransomware and believed to have made almost $1.5m from the scheme.
NetSafe has received 8 more reports from home internet users this week about the malware which locks up computers and displays a message bearing a police logo asking for payment to be made.
New Zealand Police warned this morning that they have also received 'a handful of calls this week' about the scam where people accessing adult websites receive a message purportedly from NZ Police advising them they have been fined for accessing the site and to pay a fee.

If you have been affected: 
* Do NOT pay the ransom
* If you can, report the computer system attack to NetSafe’s ORB website
* If you are not that technical seek expert help
* Be prepared to wipe systems and restore from backups
Our message remains clear: keep your computers up to date and use the free NetSafe Computer Security checklist to work through a series of possible vulnerabilities that could allow the malware to lock up your machine:
Follow on Twitter   Friend on Facebook   Forward to Friend 
Copyright © 2013 NetSafe, All rights reserved.
unsubscribe from this list   update subscription preferences